"The number of page views garnered by fraudulent sites climbed by a
factor of five in March and April, fueled by a phishing scheme
targeting MySpace users, stated a Google analysis published on Monday.
The attack used a modification to the style sheet of a user’s
profile to place a transparent image over the page, causing a click on
a link — or anywhere else on the page — to redirect the visitor to a
fake MySpace login page, Colin Whittaker of Google’s Anti-Phishing
Team, stated on the search giant’s security blog.
"The effectiveness of the attack and the increasing
sophistication of the phishing pages, some of which were hosted on
botnets and were near perfect duplications of MySpace’s login page,
meant that we needed to switch tactics to combat this new threat,"
Whittaker stated."
Article Link: http://www.securityfocus.com/brief/522
