How to tackle a gmail/orkut password thief


It’s a bad world out there.People are now ever more vulnaerable to spoofing and evil deeds by the crack ass cyber-criminals.As the real world is still struggling to refine the security measures against the terrorist attacks, the virtual world is already teeming with small password thieves to big bank account hackers (rather crackers  in the right terminology according to the Geeks).The virtual world is all set to become the alternative attack routes for the terrorists(which they are now using as means of communication only ,in future , Virtual Terrorsism may become mainstream).It is sure that once the real world becomes immune to the criminals , the criminals will turn to the virtual world in a big way.We are just loosing property and possesions due to cyber-crimes these days ,but there is a possibility of going further.

As in the real world,the cops come only when the situation gets worse and out of control.Cops always suggest to take precautionary measures to avoid the theft,forgery or assault.Likewise, the public needs to be aware of the basic precautionary measures to be taken to avoid their online(digital) life to be hacked or spoofed for something disastrous.

This is for those who tend to ask, What the heck goes wrong if my digital life gets Hacked (rather Cracked).

  1. People do not even realise how much they are into online-banking these day,don’t believe me,Look at yourself to believe.
  2. People do not even realise how dangerous it is to type their email id passwords whichever online services they register for.

I will blog more about the following in the coming weeks:

  • Dangers in the inevitable online life
  • Precautions that can be taken to have a safe online life

But now,I am going to tell about a very common technique used by the password thieves.They are using social networking sites like orkut and facebook.

The Attack:

The Password thief creates an orkut profile just like any other orkutter and sends you a scrap saying the below possible things:

Click on the link below to see some Actress Pictures

Click here to send you friend a Greeting card

See my nude pics on this link

The curious orkut user clicks on the links provided by a strange profile.

The link redirects to a page which looks like this

It's not the Orkut Login Page!!

It's not the Orkut Login Page!!

Look closely !!! It does look like an orkut login page but it is NOT.Look at the address bar(or URL).

What does it say ??  it’s not the Orkut Login page ..it’s the TRAP.

The user thinking that he/she has logged out by some inexplicable cyber-mistake,tries to relogin by giving the username and the password in the trap set by the password thief.And hence the gmail or orkut password is compromised.

After that the user might be able to login to the real orkut site only until the thief has not changed the password.The danger is if the user has given the gmail id as the contact email for his banking and other online services.His or Her online life is gone forever.

This is the orkut page of my friend who has become a victim of orkut password theft somehow.And the thief if her password is using her profile page itself for propagating his attack.This is how her page looks like now.

Ready for the Next Attack

Ready for the Next Attack

This is a blogpost by my ex-boss who happened to have lost his gmail password and his wordpress passwords to some brazilian hacker through orkut.

Advertisements

6 responses to “How to tackle a gmail/orkut password thief

  1. Even Clickjacking was most common now in orkut..

    pinastro: The blog is about clickjacking only

  2. really good article.. i think this prevents from your account hack

  3. really nice article

  4. OrkutWala.com provide you with access to a complete list of orkut scraps, orkut greetings, orkut glitter graphics, orkut images, messages and comments for your orkut scrapbook Please vist:http://www.orkutwala.com/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s