Posted by Virus Bulletin on Oct 19, 2006
Phishers pose as online contacts to push bogus shopping sites.
A major spam campaign is bombarding inboxes with mails masquerading as messages from conacts on web social and content-sharing site MySpace.
The mails pretend to come from someone linked to the victims via the network, spoofing the MySpace style as well as sender info, and include links to faked music download sites. Users who attempt to buy from the bogus sites find their financial details harvested and used to strip bank accounts.
The shopping sites are slickly made and offer an easy shopping expereince, as well as rock-bottom prices. The campaign was first seen hitting Japanese users, but has since spread worldwide with over 50,000 instances recorded by security firm Fortinet in little over a week.
Analysis of the campaign can be found at Fortinet's site.
Posted on 19 October 2006 by Virus Bulletin
