McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Create Account | Login  | What is TrustedSource?
 
Home  Threats and Trends  McAfee Research Blog
TrustedSource™ Query
Enter IP address, domain name or URL to check reputation/traffic patterns:
Search
 


Latest Malware Threats
 RSS Feed
Win32.Weird.e2010-02-02
Win32.Tolone2010-02-02
Worm.IrcBot.14786562009-12-10
Trojan.Drop.Agent.poa.22009-12-10
Trojan.Magania.1059882009-12-08
Trojan.PSW.Frethog.AJ.22009-12-08
View Malware Library
 


McAfee Research Blog

Sex the Bait in Mass Orkut Compromise

June 23th, 2009

With the advent of Web 2.0, social networking websites have become an easy target for online fraud and other identity scams. Lately, we have seen Twitter being used to phish out personal information, as well as MySpace scams and Facebook spams.

With more than 15 percent of the traffic from India, Orkut is perhaps the most popular and widely used social networking website in the country. Phishers have come up with an elegant approach to social-engineer the not so tech-savvy users on Orkut. They have updated the user profiles of several thousands of compromised Orkut accounts, which now link to various phished websites. These lure visiting users into divulging their personal information.

Various phished websites claim to be the “adult” variant of Orkut. The “Orkut Sex” site has been very successful in luring several thousands of Orkut users into entering their credentials into this fake website. The attackers use the harvested details to steal other personal information for monetary gain.


We have observed scores of websites being used in this phishing attack. Here are a few of them:

  • http://orkutsexlogi[blocked].tk
  • http://s3x[blocked].kilu.de
  • http://orkutst[blocked].tk
  • http://album[blocked].kilu.de
  • http://priya[blocked].freehostia.com

If you have read this far, I probably don’t need to remind you to look carefully before you enter your personal details on the web. Always make sure that you are safe and protected–and keep away from the rip-offs.

Back to McAfee Research Blog overview

McAfee Homepage | Contact | Privacy Policy

Copyright © 2007-2009 McAfee, Inc. All Rights Reserved.

ANY INFORMATION PROVIDED BY MCAFEE ON THIS BLOG ARE OFFERED "AS IS" WITH NO EXPRESS OR IMPLIED WARRANTIES, CLAIMS, PROMISES OR GUARANTEES ABOUT THE ACCURACY, COMPLETENESS, OR ADEQUACY OF THE INFORMATION CONTAINED IN OR LINKED TO AND NO RIGHTS ARE CONFERRED. BY USING THIS BLOG, YOU ASSUME ALL RISK FOR YOUR USE. IN NO EVENT WILL MCAFEE BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR OTHER DAMAGES WHETHER OR NOT MCAFEE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. MCAFEE HAS NO OBLIGATION TO POST BLOG SUBMISSIONS OR RESPONSES.