One of the newest problems with the popular website MySpace.com is that third parties are starting to use MySpace as a domain for phishing, just as they have been doing with websites such as eBay or PayPal.  What is phishing exactly?  Well, phishing is a net term for fishing for information.  Of course, the information that these scam artists are fishing for is not whether you have blue or green eyes and what eye color you prefer in your future dates.  No, the information scam artists are hoping to gather is information that will help them to steal your identity in one way or another.  Some websites carry information as sensitive as your social security number and the numbers of your bank accounts.  When scammers gain access to your user name and password, they have access to absolutely everything that is stored in these websites.  You might be thinking that every reputable website asks for reconfirmation of your identity before taking you to secure information pages such as bank accounts and the like.  If that’s what you’re thinking, you’re forgetting how it is that these scammers get to your account in the first place.

What these scammers, phishers, do is they send you an email.  In the ‘from’ column they’ve entered a return address for, in this case, MySpace.  When you open the email up, you will see exactly the same email format as you always get from MySpace—meaning the same fonts, the same logos, and the same setup of the email.  Inside the email there will be a link that looks like it’s to myspace.com, but is actually to another site, specifically, their own site, where they are using servers to look like myspace.com, but have nothing to do with the real thing at all.  The first site that the email link takes you to will ask you for your user name and password, seemingly so that you can gain access to your account; though this seems innocent enough, it is all a hoax.  Once they’ve recorded your user name and password (when you press return) you are re-directed to the actual myspace.com site, meaning that you have no idea that you just gave your sign-on information to total strangers.

They then have your sign on information, to do with as they wish.  Again, though myspace.com might not have the most telling information about you (not your social security number, etc.) it is certainly not a good idea to let others hack around in any of your accounts, MySpace included.  The solution might seem simple enough, you might be thinking that nobody should open these emails or shouldn’t click on the links in the emails if they are silly enough to open the email in the first place.  It’s just not that simple, folks.  Professionals that know exactly how to remake the company’s logo and know exactly what a form email from MySpace do these phisher emails, or another company looks like.  Everyone receives real messages from these sites every day.  “You have a friend request” or “you have new picture comments”.  It’s not difficult to know what a form email from MySpace looks like; they’re all over the web.  The solution then…is it to give up on the net entirely?

No, the solution is to not go to websites from links in email.  If you type in the www address in the address bar, you are sure that you are being taken to the real site—not one that looks just like the real one.  Next time you get a notification from PayPal that your accounts are out of date and need immediate attention; resist the urge to click on the link “provided for your convenience”.  Instead, simply open a new search window and type in the link directly.  Once you sign in, change your password, just to be sure, and continue to enjoy all that the WWW has to offer!