With the recent attention on SMS spam, let's not forget to be careful on IM, that other favorite medium for spreading social engineered links.
I recently received a message from someone who sent me this link:
Which lead to a website where the user can supposedly view the uploaded photos by entering their MSN log-in credentials:
Yep, more password-stealing madness.
Incidentally, that same website was recently registered on 16 Oct. 2009 in China, and shares the same IP as a bunch of other "truth"-type sites: your-lolful-truth.com, face-real-truth.com, face-the-truth.com and joseccmonteiro.your-lolful-truth.com.
