A “phishing” site that harvested the log-in and credentials of MySpace.com users was removed as of Friday from a California server, a security vendor reported.A phishing attack involves tricking users into visiting a look-a-like webpage that asks for personal information, which is then sent to a hacker. The rich trove of personal information stored on MySpace user pages is making the social networking site an increasingly attractive target for identity theft, said Ross Paul, a senior product manager at Websense, which makes security software.The attack would not have been noticed by most users, Paul said. The attack starts when a user is sent a link through AOL’s instant-messaging program or a similar one. The link is from someone in the user’s contact lists, asking the user to click the link to MySpace to view photos, Paul said. The link leads to a fraudulent MySpace log-in page. Once the victim enters the information, he or she is then transparently logged into the real MySpace pages, Paul said.But a hacker then has access to personal information stored by MySpace, such as someone’s address and birthday, which could be used to open a bank account, Paul said. A hacker can also tap other instant-messaging contacts or e-mail addresses to send out the link to the phishing site, which often is done using automated programs.“The rising popularity of this kind of meeting place is obviously increasing the potential for financial gain,” Paul said. “The more information you give MySpace, the more at risk you would be if someone managed to get a hold of your log-in information.”MySpace, started in 2004 and bought by News Corp. last year, counts at least 73 million users and is growing. MySpace’s “viral” networking model allows friends of friends to easily connect, but sexual predators have also used its features to meet underage victims.As a result, MySpace appointed a chief security officer in April and implemented careful page monitoring.-Jeremy Kirk, IDG News ServiceFor related content from CIO sister publication CSO, read How to Foil A Phish. Check out our CIO News Alerts and Tech Informer pages for more updated news coverage. Related content events promotion Australia's CIO50 Team of the Year Awards finalists revealed Along with the unveiling of the annual CIO50 List and the team category winners, the 2023 CIO50 Awards will also recognise the inaugural Next CIO winner and a new Hall of Fame recipient. By Cathy O'Sullivan May 31, 2023 3 mins IDG Events brandpost API security: key to interoperability or key to an organization? Understanding the risks of using APIs and how to prepare to address those risks. By Keith Zelinski, Managing Director, Technology Consulting May 31, 2023 6 mins Digital Transformation brandpost Designing the campus of the future starts with high-quality 10 Gbps connectivity By Huawei May 31, 2023 4 mins Network Architect Networking Devices Networking brandpost How an Indian real-estate juggernaut keeps growing by harnessing the power of zero A South Indian real-estate titan is known for the infinite variety and impressive scale of its projects, but one of its most towering achievements amounts to nothing literally. By Michael Kure, SAP Contributor May 31, 2023 5 mins Digital Transformation Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe