It is an odd paradox that few beyond the relatively small audience of young users had ever heard of the Myspace.com social networking site until people starting attacking it.
In an unvirtuous circle, every new attack on MySpace means that more people have heard of it, which makes it more popular. The more popular it becomes, the larger pool of potential victims for attackers.
The targeting of MySpace has risen to vie with the great eBay and 419 scams as social engineering scam of the year. The latest, and quite plausible, example urges recipients to click on music-related links, ostensibly sent from a MySpace contact.
The link leads to what appears to be an MP3-peddling site in Finland, but which is in fact a fake e-commerce site for scamming people’s credit cards. It more than a phish – it’s a double phish. The hijacked brand is the lure, the apparently legitimate site the tempter, the back end the phish.
Of course, the emails aren’t necessarily received by MySpace users, but the emails only need to hit a small number of the site’s 43 million users to make a return.
Scammers might be crooks, but they know what’s hot and what’s not. It's a compliment really.