September 15, 2009, 7:11 AM — Social networking users seem very interested in finding out who among their contacts have deleted, unfriended, or otherwise blocked them from communicating. A new phishing attack is taking advantage of this curiosity, offering to let users of MSN Messenger instant-messaging service find out if they’ve been removed from friends’ contact lists.
According to a blog post on Trend Micro’s Web site, the phishing scam is launched as an e-mail offering recipients to find out who has blocked or deleted them from their MSN Messenger contact list by simply clicking on the embedded link. (The subject line of this e-mail, which reads “hi o_O,” should give away the message as spam, but the bottom line of the e-mail includes a reassuring sentence that claims “This is NOT spam.” )
Following the link brings recipients to a fake log-in page where users are asked to enter their password. Trend Micro says the intent of the phishing scam is to extract MSN Messenger log-in information so that accounts can be leveraged to send spam, and phish more unsuspecting users.
Do you tweet? Follow me on Twitter here.
