There is a technique being used on Myspace to spread spam by taking advantage of the trusted nature of your friends list. When you receive a bulletin from a friend, you will probably not think twice before clicking any links in the message - particularly if it's something like “check out these photos I took”. The page that loads when you click the link takes advantage of the fact that you are logged into Myspace and quietly posts a bulletin from your account. Usually it will be the exact same bulletin you just read. As you might expect, this message will spread quickly as more users continue to click the links (expecting photos from their friends) and thus send the bulletins to even more people, unknowingly.
First things first
Check to make sure you are not currently a victim of this. Log in to your Myspace account, go to Mail -> Bulletin -> Show Bulletins I've Posted. If there are any bulletins in the list that you did not explicitly post, delete them.
Next, if you are still using Internet Explorer as your web browser, just stop it already. :-] Get Firefox. It's free, and far better. No it will not automatically protect you from the technique described above, but it's an important start and by the end of this post it will be helping protect you better.
What to look for
Do not open links directly if you are not sure it is a trusted site. Move your mouse over the link and the status bar at the bottom of the browser will show you the full link. If it's not a site that you know and trust, you should not open it while logged in to Myspace. You can copy the link and either log out of Myspace before opening it, or open it in a different web browser (such as Internet Explorer - since you're using Firefox now, right?) Either way, the important thing is that you are not logged in to Myspace with the browser you open the link in. This way, if it is a spam-sending link, you will not fall victim to it. If the linked page prompts you to log in to Myspace, do not do it. Never login unless the site in the address bar is http://www.myspace.com or http://login.myspace.com.
A few other points
Lately these attacks have been using Adobe Flash. If the link ends in “.swf” you definitely should not open it; that's a link to a Flash file and is almost guaranteed to be malicious. Make sure that you have the most recent version of the Flash plugin (v9). Firefox users should also probably get the Flashblock extension (added bonus: blocks obnoxious animated ads online).
Hopefully this has been helpful. Spread the word to your other Myspace friends so they don't fall victim to spammers. :-]