Visitors of Last.fm media portal underwent fraudster’s attack that tried to lure them into giving away their login credentials. This is the latest attack where cybercrooks applied phishing techniques towards Web 2.0 sites, such as Twitter and Last.fm. According to experts partially this could be explained by the fact that some surfers tend to use the same passwords for low sensitivity sites, such as Last.fm, as well as more sensitive locations, such as webmail and even online banking accounts.
Thus, the attack on users of Last.fm starts with a message to their Last.fm shoutbox that typically says “hey - check out this blog with ur pic" and an abbreviated URL. Music fans who follow the link are redirected to a faked Last.fm login screen.
According to the available information the domain associated with the attacks is hosted in China and associated with several previous login harvesting attacks.