There has been an outbreak of “friend spam” on MSN in recent weeks. This is what is happening when you get a message from a friend, often saying something you do not expect and including a link to a web site, or when an email comes from your friend's address saying something similar.
Here is where the main part of the problem lies... if you follow the link, one of the following things happens:
You will download a file – perhaps one that your “friend” claimed was a picture of you. If you do this, you may well infect your computer with a program which either sends MSN spam in the background or steals your password so that your account can be used elsewhere to send spam. If you think there is any possibility you have done this, they can be tricky to remove but you need to do so. There are programs available for dealing with this but you need to be sure you pick a reputable one as otherwise you could be compounding the problem rather than fixing it.
You will be taken to a site which offers something – well known examples include “Find out who blocked you on MSN” and “Photos for MSN friends”. Such a site may have a clause in the small print which says that by giving it your MSN ID and password, you are allowing it to advertise – spam – to your friends. Of course, some of these sites may not be quite so honest! If you give your password away in this way, and you use your Hotmail address for it, you are also compromising your Hotmail account. Change your password immediately if you have given it away, also changing your secret question and answer at the same time – some may be stealing that so that they can break into your account again. Also, change it after fixing the previous problem, if you have it.
You can of course avoid all of this in the first place if you do not follow unsolicited links in messages seeming to be from friends. At the very least, if you do not recognise the web sites as genuine and trustworthy, don't open the link without first checking with your friend by some other means. I have seen these things be capable of coherent response before now, so ideally you should use a different messenger, email (but NOT to a Hotmail account that they also use for MSN), telephone or a social networking site to check that they genuinely sent you the link. If not, point them to this page.
Of course, things like this need not necessarily be restricted to MSN – I would think that all messenger services could be affected – but it is probably true to say that the fact that the official MSN client is practically standard on modern Windows systems makes it more likely that MSN will be targeted.
My MSN contacts would be advised to get another means for me to contact them, because I will, from July 2009, be putting on ignore any MSN contact who falls into one of these traps, and they will remain there until I hear from them that they have fixed the problem. This applies whether the people are social contacts or work contacts. Emailed MSN spam will be reported as spam and this could lead to anti-spam programs deciding to treat it as spam. I will, however, contact affected people over the other means to advise them of this. Such contacts would be well advised to get a Jabber account – I am nearly always on Jabber unless my network is down.