Because MySpace.com allows people to enter their own HTML and CSS, it also allows malicious users to create links that redirect to look-alike sites.  They are designed to make you think you’re still on the myspace website.

The best defense is to ensure the address you’re browsing is still the domain ending in “myspace.com”.  Subdomains will vary e.g. messaging.myspace.com, videos.myspace.com, etc.  These are fine as long as it ends with myspace.com.  Be wary of domains like myspace.com.something.com which would be a completely different website.  Particularly when you are presented with a login box, make sure you are at login.myspace.com!

If you do indeed become comprimised, change your MySpace password immediately.  Run a virus scanner and use AdAware to check if anything was installed with your knowledge.

Finally, use a reputable alternative browser such as Firefox or Opera.  For now, the simple fact that they are not the 1 target (i.e. Microsoft Internet Explorer) makes those browsers less likely to be the targets of attacks.  Not to mention, free and open source software like Firefox generally receive security updates more frequently than the dinosaurs can keep up with.

I hope this helps give some insight into MySpace security.  If you’re interested, I have links to many popular free and open source software packages in this blog posting.