Is this a Phish?

Well it had been sometime since I heard from this friend but upon opening the email I was greeted with this.

Hey since when did I subscribed to Tagged.com and their policies. (note the first line).

Tagged from what I researched on them is another social network website aimed predominantly at the teeny market. Reports aren't so good, full of advertising and spam.

Clicked on the referral screen in my email, and this is what I was presented with.

It automatically entered my email address and prompted me for my password.

WHAT!!!! Your kidding me!! You want my password to my account. They were serious, any attempt to enter a false password came back with a prompt for a correct password.

No I never gave them it. Now it off to google and research this company called tagged.com.

What they do is when you give them your password, is that they then scan your contact list (supposedly under the guise of looking for other people in your contact list that signed up for tagged.com). From this they farm your contacts emails, and automatically spam them with the first image I posted. Making it look like your friend allowed it. (Yeah they did, but through trickery and deception).

So without my permission they automatically put me on their subscription list, through my friends contact list.

Even more insidious as one security firm posts is why do they even need access to your account. Consider the multitude of us having our banking info, and other personal and confidential information

You may say I wouldn't do it, but how many have shared email accounts or allow someone else access to your account. For those of us who are a webwise as in streetwise there is no problem, our guard is up. But not everyone thinks like that.

They remninds those of us who went through the Melissa email worms. Tagged has the potential for getting extremely out of hand. For addtional follow up check the links below.