How to Avoid the QuickTime MySpace Phishing Scam

Reports of phishing exploits on MySpace Web pages that host QuickTime files have reached a fevered pitch unfortunately, most of those reports are slim on details. The potential threat is real, but understanding what it is can help you avoid accidentally giving up your personal information.

If you are logged into MySpace and view a maliciously crafted QuickTime file on someone else's MySpace page, then JavaScript code can automatically change your user profile. The malicious QuickTime file can modify your MySpace page by adding links to fake MySpace pages that collect user names and passwords. The Quicktime file can also copy itself to your MySpace page without your interaction.Technology News: Security: How to Avoid the QuickTime-MySpace Phishing Scam

Linked by shanmuga Wednesday, 6th December 2006 11:38PM