Victims have their Google accounts compromised

Jun 30, 2010 11:11 GMT

Scammers are tricking Orkut users into pasting malicious JavaScript code in their browser's address bar, with the promise of receiving a free recharge code for their mobile phones. Users who fall for the scam end up with their Google login credentials stolen.

It all starts with users receiving a link on Orkut that takes them to a website displaying a big banner that reads: "Recharge your mobile here!" According to information presented on this page, the user will receive a free recharge code in their Orkut scrapbook if they copy and paste some JavaScript code into the address bar.

Doing so will force the browser to access a Snurl.com shortened URL. "That triggers a big page of javascript code located at orkutaddict(dot)net/freerecharge/dpd(dot)js. At this point, the path branches off depending on whether you’re logged into Orkut or not," Christopher Boyd, a security researcher at Sunbelt, explains.

Those who are not authenticated will see a JavaScript alert instructing them to log in to their Orkut account in order to receive the promised free code that recharges their call credit. After closing this alert, they will be taken to a phishing page displaying a fake Google Account sign-in form.

Meanwhile, logged-in users will see a different series of alerts, including one that asks for their phone number and claims that they are getting closer to receiving the code. When all the alerts are over, they are also redirected to a phishing site.

However, as Mr. Boyd points out, authenticated users are less fortunate, because they immediately start sending out messages advertising this scam through their Orkut profiles. They also automatically join a group called "Free mobile recharge!", which has over 1,800 members. "As you’ve probably guessed, all of the spamlinks on the profiles and in the group take you to more sites asking victims to cut and paste Javascript into their browser," the researcher writes.

Judging by the number of users in that single group, this type of scam is rather successful. This might be because over 70% of Orkut users are from Brazil or India, countries where rechargeable prepaid phone cards are more popular than monthly subscriptions.

You can follow the editor on Twitter @lconstantin
