I ran across an article recently that gave another reason that people might want to avoid social networking sites like MySpace, Friendster, and Facebook. I wasn't aware of this, but it looks like people are targeting sites like MySpace and planting trojan viruses and worms in their banner ads. Here is an example of how they might do it: 
 
An unsavory advertiser buys ad space on MySpace. MySpace puts up the banner ad and the banner ad exploits a vulnerability in Microsoft Windows called a WMF vulnerability. Now Microsoft patched this back in January but not everyone patches their systems for obvious reasons (see my blog entry labeled, "Fixing or Breaking?"). Once a vulnerable PC tries to display the poisoned banner ad, it is "owned." The people who created the banner ad now control the PC and can use it to do their bidding. 
 
What can someone do to avoid these issues? From the article: 
 
"In addition, Dan Moniz, a security consultant in San Francisco, recommends using a browser other than Internet Explorer. "The way that Internet Explorer is hooked in with the operating system can cause some problems," he says. The July banner ad attack targeted Internet Explorer." 
 
Firefox is a free open source web browser that will help protect you from most vulnerabilities aimed directly at Internet Explorer. 
 
Lastly, get a Macintosh. There isn't any virus, trojan, or exploit currently in the wild directed at Mac OS X. Until there is, it is the safest operating system/computer on the planet. Even if a Macintosh finally had a virus written for it, the score would still be 114,850 to 1. 
 
Here is another article detailing a different type of attack via social networking sites. 
 
CH