“Phishing” attempts on MySpace.com

Social networking website MySpace.com users are cautioned against a worm that replaces legitimate links on their profiles and directs them to a phishing site. The users’ login id and password are captured and used to send spam promoting adware sites to the victims’ contact list.

The worm is also spread through an embedded QuickTime movie on the victim's profile, which then repeats the infection process for every visitor to the profile. MySpace managers have conducted an informal scan that identified at least 45 infected profiles out of 150.

MySpace.com is just among the many sites that have been reported to experience phishing attempts. Sites such as PayPal, Skype and America On Line have not escaped these worm attacks.

In the United States, phishing is considered to be a criminal activity. The term “phishing is actually a variation of the word “fishing”. The so-called “phishers” try to fish or acquire user information like passwords and credit cad details through emails and even instant messages and use them to access the victims’ accounts.

Last March 1, 2005, Democratic Senator Patrick Leahy introduced the Anti-Phishing Act of 2005. In October of the same year, California passed the very first anti-phishing law. Since then any person who are caught creating bogus web sites or sending fake emails through spam to lure users into giving off their account details will be fined up to five hundred thousand dollars ($500,000) and jailed for up to 5 years.

An estimated $929 million was reported lost by internet users between 2004 and 2005 alone due to phishing, while $2 billion are lost by businesses each year when their clients become victims of phishing.

As a legal response, companies such as Microsoft and AOL have started filing federal lawsuits against those caught phishing, to re-inforce combat against cyber crimes.