MySpace and Facebook Target for Spam, Malware and Phishing

Over the last few months, well know social network sites MySpace and Facebook have been the latest targets in Malware and Phishing attacks aimed at getting your information and harming your computer. Most of the attacks have posed as emails from known sources but actually use the "fake codec" infection method. This method is often an email asking one to "Update" their profile or in the case of MySpace a zip file that contains an executable file that will attempt to steal your information.

Sources within Symantec, McAfee, and other Anti-Spam companies are expecting a new round to start soon, most likely emailing different URL's via email applications of both Facebook and MySpace. Beware of the following subject lines in your Facebook or MySpace inbox:

• Facebook account update

• New login system

• Facebook Update tool

• Myspace Password Reset Confirmation

• Myspace office on fire

• Myspace was ruined

In looking at both Facebook and Myspace, you will find different approaches in how to handle SPAM emails. Facebook mostly just wants you to delete the emails, unless it is an email concerning money scams. If the email is about money and is a money scam, please go here and report it using the link under money scams.

Myspace wants you to report any type of Spam that you receive. I actually think that this is a better approach. I am sure that it takes more resources to deal with all the emails that reporting SPAM, but this also allows someone to track down the issue and hopefully save other's headaches by killing off the source. Here is a link to the page that will supply you with the needed directions on how to report SPAM.

What can I do about Spam, Phishing, and Malware on my Facebook or MySpace account? I have found several things that we can all do to help lower the risk. First, if the email seems strange, meaning that it would be unusual for that person to send an email with a video or picture, and then delete the email, or you might want to verify the email before opening. Send them a message asking if they did send the original email. If the email asks, you to do anything with your account either delete or report the email right away. Remember that these sites will not send you these types of emails. If you think for a moment that your account might have been the target of anything malicious, I always suggest that one change their password immediately. And make sure that it is a very hard password meaning that you want upper case letters, lower case letters, numbers and even a special character or two. A special character might be for example the "@" sign or change a one out with the "!" symbol. Something that gives your password some extra teeth to it to make it harder to be hacked.