One very bad practice
I'm not suprised at all about this and would like to expand a little on the bit about fraudsters setting up bogus social networking sites.
The bad practice i refer to is a marketing exercise used by a number of social networks. I'll mention a couple that I hate partoicularly: hi5.com and tickle.com
I was prompted to register to such sites when I received the same worded personal emails from my Yahoo! contacts. So I investigated...
Towards the end the registration process (or in the case of Tickle.com once you have finished a test) you are invited to submit your Yahoo!, MSN and AOL details to 'invite your friends' to the site. When you do this a script logs into your mail account, farms your contact list and sends out automated emails on your behalf.
This is dangerous because they promote the practice of giving out log in information to a third party. It's fair to say that big name social networks are trustworthy but it doesn't take much to set up a bogus version that offers the same functionality.
Tickle.com's TOS say that "If Tickle has reasonable grounds to suspect that you have shared your account access and password with another individual, Tickle has the right to terminate your account and refuse any refund."
One solution, if this is a problem, would be the likes of Yahoo! to prevent scripts logging into their accounts.
I hope something is done.