In July, Gena Miller started getting amusing phone calls from friends. They wanted to know about the message she had posted on MySpace.com about her one-night stand.
Ms. Miller, a 22-year-old from Northridge, Calif., didn’t recall a one-night stand, however. She had a boyfriend and a new job at a human-rights organization that kept her busy. But when she logged into her account at MySpace, the social-networking Web site owned by News Corp., she found that someone had indeed posted a public “bulletin” from her account, with a link that promised, tantalizingly, to lead to photos. And everyone on Ms. Miller’s list of online friends could see it.
Ms. Miller soon realized that she had been the victim of a new kind of cyberattack: one that takes advantage of the features that make sites like MySpace and others so popular.
Such sites have developed a strong community of users by making it easy for them to contribute their own content. Users can create personalized Web pages by posting images, videos and even pieces of basic software code to change aspects of the page, like its color. The sites also let users send messages to each other, sometimes in the form of public bulletins that show up on the pages of others.