In recent world news, a MySpace profile has been determined to be a security risk. How is this possible? It pretends to be a Microsoft software update, trying to get unsuspecting users to click the activation button.
You’d think that by now, most people would be savvy enough online to double check a pop up installation window’s source before clicking, but apparently that isn’t true, at least not yet. The profile masquerades as a page belonging to a supposed 42 woman from Arkansas. The virus issue was first caught by virus protection company McAfee.
Joris Evers, publicity director at McAfee, says “attackers send unwitting MySpace users a friend request, asking them to become friends with ‘Rita.’
The virus gets ready to be installed when users click on the profile name to see who this “Rita” person is. Once they get to her profile, a pop up window appears offering an upgrade to your Windows software. The pop up window looks legitimate to the casual observer, but obviously does not come from Microsoft.
If you aren’t aware of the potential for viruses in pop up windows, however, you might click the link. That would be enough to start a download of malware under the file name “updateKB890830.exe”. Once the file is downloaded, unless you are running virus protection software like McAfee, you are infected.
McAfee and several users had alerted MySpace to the malware issue and are confident MySpace will take the page down as soon as they can. As of this posting it was still up on the MySpace site.
