Guess that this goes to prove that MySpace is a “use at your own risk” kind of deal. Speaking for myself, I simply don’t have a desire to use it.

A “phishing” site that harvested the log-in and credentials of MySpace.com users was removed as of Friday from a California server, a security vendor reported.

A phishing attack involves tricking users into visiting a look-a-like Web page that asks for personal information, which is then sent to a hacker.

The rich trove of personal information stored on MySpace user pages is making the social networking site an increasing attractive target for identity theft, said Ross Paul, a senior product manager at Websense, which makes security software.

The attack would not have been noticed by most users, Paul said. The attack starts when a users is sent a link through America Online’s instant messaging program or similar one.

The link is from someone in their contact lists, asking them to click the link to MySpace to view photos, Paul said. The link leads to a fraudulent MySpace login page. Once the victim enters their information, they are then transparently logged into the real MySpace pages, Paul said…. Source: InfoWorld