Offshoreonly.com - Dee - I think your MySpace has been hacked.

Greaat, I'll be getting more hate mail from people I don't know

But, it's not just me. Last week it hit Facebook and seems to be working it way around other sites. It's a phishing attack on PWs. Below is the article from last week on msn.com

Anyone that knows me, I don't send links through facebook nor My Space. So, please DO NOT OPEN ANY LINKS from me on a public message boards cause I DID NOT SEND IT. Sorry guys, don't know what to tell ya.

Facebook phishing attack sought passwords
Company says e-mails with fake links have now been blocked

By Suzanne Choney
msnbc.com
updated 4:48 p.m. ET, Thurs., May 14, 2009
Suzanne Choney

A Facebook e-mail phishing scheme was discovered early Thursday among users of the popular social networking site who may have inadvertently clicked on a fraudulent Web link included in a Facebook message to them.

The bogus link took users out of and away from the real Facebook to a fake Facebook site, where they were asked to log in again, giving their passwords, which may have been captured by those behind the scheme.

Facebook said e-mails with the fake link were blocked within the first few hours of being sent out, and that those who may have fallen for the ruse have had their passwords automatically re-set "so that any data the bad guys have becomes useless very quickly," said company spokesman Barry Schnitt.

Users who did bite on the phishing lure will receive an e-mail from Facebook notifying them that their passwords have been re-set.

One version of the e-mail went like this: "Richard sent you a message. Subject: Hello. "Check 121.im" with "121.im" as a Web link and fake Facebook page.

The phishing scam grew rapidly because accounts that were compromised "immediately sent out hundreds of messages, all with the same content, with the same link," Schnitt said. He said it is "too early to tell" how many of Facebook's 200 million users were affected by the scam.

"We blocked the (fake) URL and that messages that were being sent," he said. "Then we went into inboxes and walls and deleted that content...Even if you (now have) one of these messages in your account, by the time you try to go to it, it will either be deleted, or when you click on the URL, it won't take you anywhere."

Schnitt urged users to make sure their Web browsers are updated to help flag and even block phishing Web sites.

"The other thing they should be is generally suspicious," he said. "Why is my friend sending me this link, why is my friend using broken English, what is this URL? Those are red flags. Those URLs (Web site addresses) weren't common URLS. Those should all be red flags for users."

"People are too quick to click," said Mary Landesman, senior security researcher for ScanSafe, which provides Web security as a service to businesses.

Some employers have banned the use of Facebook in the workplace, and Landesman says there's good reason for that.

"I don't want to say there's no legitimate business reason to use Facebook, but by and large, it is a non-business application and is being used for non-business purposes," she said. "And if you have employees at work that are accessing Facebook that fall for one of these e-mails, which could include a worm and infect the computer, then it becomes the enterprise's problem because they have malware on their computers.

"I don't want to sound harsh, saying 'Trust no one,' but as Web users we have to have a more critical eye, a more discerning eye on what we click on," Landesman said.

http://www.msnbc.msn.com/id/30749501/