I've noticed a lot of talk about this recently and I witnessed it first-hand last night. Web pages cloned from originals intended to deceive the unwary into giving personal information away. It started with someone who I rarely talk to on my contact list logging on and posting a URL. I asked what it was and the reply I got was. "It's my new webpage"..."meet me there". I thought that was a rather odd request anyway and then I looked at the URL...... an IP address followed by /MSNGROUP/PIX. It just looked....I dunno......wrong. Anyway it turned out to be a clone of the MSN Communites page. I saw another friend online who I knew was on mine and the hacked list , so after establishing it was him I warned him. At which point he told me it was too late. The only reason he was still online was because he hadn't logged off! however, he could now not log into his mailbox.
There was a semi silverlining to this tale. Before he was logged off, he managed to send a quick email to MSN telling them what was happeneing. Within 2 hours his acount was reset and he was able to use it again.