UPDATE: See also “MySpace Security Mockery”
There’s a disturbing and annoying new trend that is becoming fairly rampant on MySpace these days, and that trend is Bulletin spamming through profile hacking.
The term “hacking” refers to a certain collection of low-life scum out in cyberspace deceiving you in one way or another, in such a way that you unwittingly give up your email and profile password to them. Once they have your details, they can then log into your account and start posting SPAM bulletin posts from your account with headlines such as the following I have received lately from some of my friends:
- “Funny New Video” or
- “hot new pic/cam related myspace site!” or even something like
- “HOTTEST NEW FREE RINGTONES!”
It’s basically stupid stuff being advertised that you will easily be able to recognise, generally because the content will be VERY out of character in regards to what that “friend” normally posts.
It’s annoying I know… and the only way really to combat the problem is through education – hence why I am writing this to explain to everyone how the hacking can potentially occur, how you can protect yourself from being hacked and what you need to do to stop hackers from accessing your account and using it to spread SPAM bulletins to all your listed friends.
1. How Does Hacking Occur?
NB. I’m not suggesting in any way that this is the ONLY form of profile hacking when it comes to MySpace. I’m just providing information on one of the most common forms in the hope that it will better arm you to combat the attempts.
Ironically, most hacks occur as a result of people viewing bulletin posts that have been posted by one of their “already hacked” friends.
For example, here is a bulletin I received from my friend Cassie just this morning.
Trust me when I say the content of the bulletin “ain’t exactly customary” of Cassie, and therefore is a clear example of a hack attempt and provides a great example to run through and learn from.
If you click on the link featuring in the bulletin, you are taken through to a site that for all intents and purposes appears to be a MySpace login page.
The hook here is that the text “You Must Be Logged-In To Do That!” is presented which, if you’re not careful, will result in you doing just that – entering in your MySpace login email and password. As soon as you hit the Login button, you will indeed be sent through to your MySpace page, but meanwhile your login details are sent to the hackers database ready for them to start using to hack your profile. This method of trickery is also known as “Phishing”.
2. How Can You Prevent Yourself From Being Hacked?
If you look carefully at the MySpace mirror (replication/imitation) site you are linked to (see screen shot right), you will note that the page URL is nothing like what you would see if it was a genuine MySpace page. The “myspace.com” domain doesn’t even feature at all. This is a unmistakable marker that you are in the process of being hacked.
MySpace actually publish a pretty visible warning on their login pages warning you against what I have just mentioned. I have posted the warning here so you can see what I mean by “myspace.com” featuring in the domain/URL and therefore signaling a genuine MySpace page.
For those of you who made the recent upgrade to Firefox 2.0, you should never run into this problem as the browser has an excellent “phishing” warning system built in that will warn you that something is not right about the page you have arrived on.
Here’s an example graphic of how my browser caught the bogus MySpace login page mentioned above before I had any chance of submitting my details.
If you are using crappy old IE 6.0 or something like that, you can better protect yourself by downloading and installing Firefox 2.
3. How To Beat The Hackers
So you’re pretty sure you’ve already fallen victim to a hacker? Well the solution is actually pretty simple.
Without the correct profile login details for you, they can’t access your profile anymore and therefore can’t send out anymore crappy bulletins. All you need to do is get into your Account Settings and:
- change your password to something new – something contains greater than 6 characters and features a mixture of both letters and numbers.
- change your password AND the email address you use as your login. This will only be a viable option for those of you who have a secondary address that you regularly use.
Changing all these details around will effectively block the hackers from getting into your account ever again.
Finally, you may not feel that being hacked is that big a deal? Well let me tell you it is! At the moment the hackers may only be accessing your account to post crappy bulletins, but the potential for damage that they could cause using your login is unlimited. Take these possible applications for example:
- Posting pornographic images in your pictures area
- Leaving abusive comments on the profiles of your friends
- Conducting unsavory posting activity within the “Forum” or “Group” areas that could result in your profile being suspended.
Either way, it’s a scary thought, so please be mindful of the information I have presented above. If you got any value out of what you read, please leave me a message below.