Hackers have apparently broken into "American Idol" winner Carrie Underwood's MySpace profile and are sending friends of the pop star - and she's only got about 37,000 of them - spam messages promising ringtones from other artists appearing on the social networking site.
I, fortunately, didn't receive one because I don't believe in befriending someone you'll never meet. (I guess, deep down, I'm a MySpace purist).
But even though no spam claiming to come from the beautiful country music-beltin' blonde has appeared in my inbox, that doesn't mean I'm not a daily victim of junk mail on MySpace.
Matter of fact, a gal named Arielle messaged me today. She's 19, gorgeous and wants me to click on some link promising nude photos. Makes me wonder how many non-IT security writers fall for this stuff on a daily basis.
As for how hackers infiltrated Underwood's profile, well, that may be highlighting an entirely different MySpace problem, namely phishing.
I profess to be a minor addict of MySpace. And I have definitely seen the amount of comment and message spam and bogus friend requests rise over the past few months.
When I chatted with the Hemu Nigam, MySpace's CSO, for a Web 2.0 cover story earlier this year, he told me MySpace is working hard to address its security deficiencies.
He told me the site is limiting the number of emails one person can send per day and that it's launched an automated alert system to notify MySpace engineers when someone's profile is being used in an uncharacteristic way (i.e. Carrie Underwood sending out ringtone spam). I mean she's no Sanjaya, but Underwood's career seems such that she doesn't need to send spam to pay the bills. Don't need an alert system for that one.
MySpace certainly is up against it. With tens of millions of users, every bad guy in the world wants a chance to dupe an unsuspecting client base that, given its average age, might be willing to spend money on stupid things.
Still, one has to believe that as MySpace was rising to internet stardom, security was riding in the backseat. The mindset is changing - heck Nigam only came on about a year ago - but is it too late?
Underwood might think so.
And you better believe the presidential candidates, many of whom are competing for who has the most friends, also are watching. Imagine receiving spam or malware from someone claiming to be your favorite presidential hopeful? Might make you rethink your choice, especially if you're young and impressionable.
I, fortunately, didn't receive one because I don't believe in befriending someone you'll never meet. (I guess, deep down, I'm a MySpace purist).
But even though no spam claiming to come from the beautiful country music-beltin' blonde has appeared in my inbox, that doesn't mean I'm not a daily victim of junk mail on MySpace.
Matter of fact, a gal named Arielle messaged me today. She's 19, gorgeous and wants me to click on some link promising nude photos. Makes me wonder how many non-IT security writers fall for this stuff on a daily basis.
As for how hackers infiltrated Underwood's profile, well, that may be highlighting an entirely different MySpace problem, namely phishing.
I profess to be a minor addict of MySpace. And I have definitely seen the amount of comment and message spam and bogus friend requests rise over the past few months.
When I chatted with the Hemu Nigam, MySpace's CSO, for a Web 2.0 cover story earlier this year, he told me MySpace is working hard to address its security deficiencies.
He told me the site is limiting the number of emails one person can send per day and that it's launched an automated alert system to notify MySpace engineers when someone's profile is being used in an uncharacteristic way (i.e. Carrie Underwood sending out ringtone spam). I mean she's no Sanjaya, but Underwood's career seems such that she doesn't need to send spam to pay the bills. Don't need an alert system for that one.
MySpace certainly is up against it. With tens of millions of users, every bad guy in the world wants a chance to dupe an unsuspecting client base that, given its average age, might be willing to spend money on stupid things.
Still, one has to believe that as MySpace was rising to internet stardom, security was riding in the backseat. The mindset is changing - heck Nigam only came on about a year ago - but is it too late?
Underwood might think so.
And you better believe the presidential candidates, many of whom are competing for who has the most friends, also are watching. Imagine receiving spam or malware from someone claiming to be your favorite presidential hopeful? Might make you rethink your choice, especially if you're young and impressionable.
