To put it all in perspective, there is this small story. I never thought of online social networks as but a medium for 'social networking'. In one of the conference I attended there was a speaker from AT&T who does his research on online social networks. In one of his slides in his presentation he cites the high popularity of Orkut in India and Brazil due to 'cultural reasons'. His presentation was followed by the questionnaire session and I out of curiosity asked him what he meant by 'cultural reasons'. He said that the reason for the high initial popularity of Orkut in India was because 'Indian men found Brazilian women on Orkut to be expressive'. Well, the rest of the audience starts giggling and then he tells me 'there is nothing to be ashamed of it'. Well great! Thank you.
That probably explains why some of our folks have Brazilian friends on their Orkut friend list. This probably worked well but then Indian men started inviting their Indian lady friends. It may have started well, the ladies put their photos online. The photos were publicly available, their scrapbook was public but all that suddenly changed due to a few tragic crimes. Orkut decided to have privacy settings where you could control who sees your photo album and scrapbook.
Now, the liberal model around which Orkut was built disappeared. Folks could no longer see your photo album or your scrapbook all depending on your privacy settings, which leads to this clever scam where someone can trick you to adding strangers as your friend.
Read about the clever scam that appeared in a popular security experts blog this week.
Click here for how the scam works.
The author talks about the scam in the context of facebook and myspace but the attack can be directly replicated for Orkut. The author talks about possible money laundering as an advantage of the attack. That's not the case in India.In India it's not about the money, it is about the women. You can bet that these attacks will quickly pick up in India because someone wants to see someone else's photo album and scrapbook whose privacy status is set to-'only friends can view/read'. Like the attack on Facebook, if the scam works-even Orkut will suggest an imposter as your friend.Imagine the number of folks in India who would be more than happy to try out this scam!
Ps: The scam described is clever because it is simple and it works!
Subscribe to:
Post Comments (Atom)
4 comments:
Please share any such information about scams at
www.allscamsforum.com
For everyone to benefit from.
Bruce Schneier, the author of that linked url scam is the Chief security officer of British Telecom. You can link to that page, he is well known in security circles. I don't know if anyone has replicated the attack for Orkut though it works. Surely, a lot of people would be interested to try it out for different reasons.
Aha, that's how it started, eh??? :D
yes, right.
Post a Comment