This post isn’t about libraries, but rather in the realm of social information literacy
I’ve seen a dramatic rise in phishing on MySpace lately. Many people are getting their accounts compromised. What I am most fascinated by is the fake-friend-hacking concept, the idea of “borrowing” someone’s identity with the sole purpose of advertising, and of course also stealing more accounts. It’s a tactic to deliver spam through a thinly disguised cloak of assumed friendship. If a stranger tells me to visit a site, I probably won’t, however if someone I know told me about it, I would. That’s the core of social networking: people influencing people that they know.
The Con
Spammers create bogus accounts and become friends with tons of people. I call these “shell” account because they put just enough info to make them seem like believable people, yet they are simply out to get clicks. Next they will direct their “friends” to a site that essentially looks like MySpace, but appears to log them out. The individual thinks nothing of it (since this happens frequently) and logs into the replicated site and hence gives away their email address and password. There are definitely security concerns but again, I am fascinated by the process. Once they obtain access to these accounts they don’t change passwords or tamper with the profile, they simply use it to invite people’s friends to visit external websites. This is endorsement theft because what they are stealing is trust and authenticity: a person’s character. It is the equivalent of someone sneaking a false article in a peer-reviewed journal. Elsevier tells us it is legit research so we believe them.
This has actually been going on for awhile now on MySpace. It’s creative because they are not only using email messages, but also message boards (individuals), bulletin boards (all friends), and group boards to spread their message; it’s a multiplatform operation. So watch out and don’t trust anyone online!
