Now scammers are tricking Orkut users into pasting malicious JavaScript code in their browser’s address bar. The users are promised of receiving a free recharge code for their mobile phones. This type of scam successful. This might be because over 70% of Orkut users are from Brazil or India, countries where rechargeable prepaid phone cards are more popular than monthly subscriptions.The users who run this jave script end up with their Google login credentials stolen.
It all starts with users receiving a link on Orkut that takes them to a website displaying a big banner that reads: “Recharge your mobile here!”
According to information presented on this page, the user will receive a free recharge code in their Orkut scrapbook if they copy and paste some JavaScript code into the address bar.
Doing so will force the browser to access a Snurl.com shortened URL. “That triggers a big page of javascript code located at orkutaddict(dot)net/freerecharge/dpd(dot)js. At this point, the path branches off depending on whether you’re logged into Orkut or not,” Christopher Boyd, a security researcher at Sunbelt, explains.
Read Full Story at Sunbelt Blog.
Read these interesting posts about Orkut,
How Was Orkut Formed ?
Orkut Statistics Page – Know Who Dominates Orkut
