Have You Been Hacked?
Originally published about 10 years ago. Thank you web.archive.org!
Lately, it seems, many MySpace users have been complaining about someone breaking into their accounts and making life a bit more difficult. What is taking place is called an XSS attack or a Cross Site Scripting attack. Here's how it works and how you fight it.
Patric, the nerdy geek, creates a login page that looks exactly like the MySpace login page. Then, he finds some clever way into making you go to that page. Naturally, when you see the login page, your first reaction would be to enter your info and login again. After you login, you're simply directed back to the previous page. At this point, your reaction would've been something like: 'hmmm weird...' and life goes on. Your reaction should have been more like: 'Holly moses! I've been hacked!'.
When you logged in, you actually gave away your info to Patric because, remember, you're not on a MySpace page, but a page that looks just like it. Patric's page. So now, Patric can easily log into your account and snoop into your private blog entries. You know, the ones about how you fell in love with a guy called Napoleon once. Now all your friends, including your little sister know about it!
Enough about Patric. Here's how you fight back. Anytime you feel like you shouldn't have gotten a login page, before logging in, look in the address bar and make sure it ends with 'myspace.com'.If it does, you should be OK, otherwise, don't enter any info. Or, just for fun, enter some B.S. like 'GetAPenisPumpLoserNerd' and report them to MySpace.
If it's too late and you fell for the trap. Change your password immediately, before the hacker gets in and changes it. In fact, you should do so on a regular basis. The easiest way is to have a pattern, like my1password001. The next time you change your password, do my2password002, etc...
I hope this helps.