We all know that “Orkut” is vulnerable to phishing (i.e. the stealing of user information), and this is done very easily these days.
What is phishing? (As per Wikipedia)
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
Phishing in Orkut?
When we hear the word “phishing”, the only thing that comes to mind is a “phishing mail”. Not necessarily: these days there are new techniques through which it is done, such as posting a “JavaScript” in a community. When a member pastes the JavaScript into the address bar, it redirects to a “phishing page” which looks exactly like the login page of Orkut. The user is tempted to provide his username and password, and once he enters his Orkut account details in that page, his username and password get logged with the “phisher” (who created the fake phishing page).
Some of the latest phishing page pics
This is a JavaScript code which, when pasted, redirects you to a phishing page.
What does a phishing page look like?
How to find out the difference between an original page and a fake page?
The basic rule is always to check the URL (https) and the security certificate of the website.
1. HTTPS
2. Security certificate
Note: Remember, a fake page or a phishing page never provides you with the above features for identification.
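The check described above, written out as an added example (not code from the original post): it refuses `javascript:` text and non-https addresses, and goes one step further than the post by also comparing the host name exactly. The trusted host `www.orkut.com` and the sample addresses are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the host the reader expects to sign in on (not taken from the post).
TRUSTED_LOGIN_HOSTS = {"www.orkut.com"}


def check_login_url(url):
    """Return (ok, reason) for an address the user is about to type a password into."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return False, "malformed"
    scheme = parts.scheme.lower()
    if scheme == "javascript":
        # Text pasted from a community post runs as a script; it is not a page address.
        return False, "javascript-scheme"
    if scheme != "https":
        return False, "not-https"
    if parts.username is not None or parts.password is not None:
        # In https://name@host/ the real site is what follows the '@'.
        return False, "userinfo-before-host"
    if not host.isascii() or host.startswith("xn--") or ".xn--" in host:
        return False, "internationalised-lookalike"
    if host not in TRUSTED_LOGIN_HOSTS:
        # Catches names that merely start with or contain the trusted name.
        return False, "unexpected-host"
    # Last step stays manual: open the certificate and read who it was issued to.
    return True, "https-and-expected-host"


# Constructed sample addresses (the .example names are placeholders).
SAMPLES = [
    "https://www.orkut.com/Main#Home",
    "http://www.orkut.com/Main#Home",
    "https://www.orkut.com.login.example/Main",
    "https://www.orkut.com@login.example/Main",
    "javascript:window.location='http://login.example/'",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        ok, reason = check_login_url(sample)
        print(("OK   " if ok else "STOP ") + reason + "  " + sample)
```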
Basic tips for all orkut users
Ways to report a phishing page
1. To report an Orkut phishing page (this covers all pages, including Blogspot), follow the link http://www.google.com/safebrowsing/report_phish/
2. You can also report it at www.phishtank.com (operated by OpenDNS).
On an ending note, if you come across any phishing, please report it so that other users do not face issues or fall prey to it. The more users who report, the sooner action will be taken. Spread awareness related to phishing.
December 30, 2009 at 10:29 pm
I’m not using Orkut…But I’m sure this post will help a lot of users =)
December 31, 2009 at 1:29 pm
Nice Article Krish, keep up the good work
December 31, 2009 at 4:13 pm
Great article.
Users are recommended to use Firefox, which is more secure than IE. It has the option of blocking the opening of reported web forgeries (active by default) and blocking attack sites (you have to enable it yourself). Also, it’s easier to report phishing sites to Google. Just go to Help > Report Web Forgery.
Must read: http://www.antiphishing.org/consumer_recs.html
January 1, 2010 at 8:02 pm
Nice article for an Orkut lover like me.
January 2, 2010 at 11:10 pm
Hello you
Happy New Year
Kevin S Reply:
January 2nd, 2010 at 11:12 pm
Hi, Happy new year to you too.
January 19, 2010 at 9:21 pm
Nowadays Orkut is safe to use and they allow some JavaScripts to work with their interface and have strong security. Always use Firefox with updated antivirus to be secure.
February 1, 2010 at 1:31 pm
Orkut is safe now. It is maintained by Google, so don’t get upset. Just secure your pwd; do not let others know it directly.