Phishing and link spam spreading on MSN
Anyone getting Instant Messages containing URLs should be even more careful in future, even if the messages are from friends. An avalanche of phishing is now roaring through Microsoft's MSN network, luring recipients to a page that asks for their MSN login data. Those who respond will find themselves on a page displaying a few photographs, which are linked to search queries.
Evidently a background script checks whether these access data are useful by logging in to MSN as the user. Shortly thereafter, all the account holder's friends are sent messages containing URLs that take them to similar pages.
Although most people never bother, reading the small print of the "Terms of Use" or "Privacy Policy" gives the game away. It's stated there, quite openly, that the access data will be used in order to show friends "new, entertaining pages". It claims not to be a phishing site because, after all, the use made of the data is precisely as described. Anyone wishing to complain, however, should note that Panama is given as the territory of jurisdiction.
(trk)