Orkut users targeted in scam

Over the weekend, users of Google owned social-networking service Orkut were singled out in a scam offering up Malware that would compromise the user’s computer. The Malware kills off anti-Malware applications, thus allowing additional software to be loaded onto the system.

Orkut is used mostly in Brazil and India, according to TrendLabs, which reported the new scam. As of January, the site sees about five million hits monthly on average. The user base, and the fact that social networks are popular targets for criminals, are just two of the reasons Orkut has been targeted.

The scam is relatively simple: An Orkut member receives an e-mail alerting them to suspicious activity on their account. The e-mails warns that the user’s account has been flagged for containing illegal information. To address the issue, they are offered a link to download software, which is said to contain more information on their account. Naturally, the software is malicious.

An alternate scam starts in a similar fashion: The user gets an e-mail reporting their account as being fake or of sending spam. To correct this problem and confirm their account, a link is offered. The link redirects to a malicious site, where the Malware is waiting for download.

In both cases, TrendLabs advises users to ignore the incoming e-mails.

Orkut users were targeted last December by a Worm that compromised over 400,000 users. The Worm was triggered by viewing a malicious scrapbook entry, which led to infection and propagation to everyone listed as a contact on the infected profile. The Worm started because of a malicious SWFObject. source: http://www.thetechherald.com/article.php/200908/2961/Orkut-users-targeted-in-scam