Classmates

Last week there was a lot of media attention devoted to a phishing attack on Facebook, one of the biggest social networking sites with around 200 million registered users. It was attacked namely because it is so popular and has so many users.

Interestingly, attacks on smaller but equally popular social networking sites are also based on the principle of social engineering. For example, we recently detected a new wave of phishing attacks on the site Odnoklassniki (Russian for ‘classmates’), which is extremely popular in the former USSR. The site currently boasts approximately 35 million users.

It’s the same old scheme: a trusted contact sends you a message with a link to an external resource. The fake message looks like a real one because it contains your name, and sometimes even a nickname that only your friends would use.

The user “sending” this type of message may have lost his password by falling victim to phishers or his computer may have been infected by a malicious program that steals passwords.

Clicking on the link in the message opens a page that resembles an Odnoklassniki page offering users the chance to take part in a competition. The user is asked to enter his account details (email and password) for the site.

Then he is asked to send an SMS message from a mobile phone to get a special code that is necessary to take part:

A single SMS message could cost Russian users 150-200 rubles, or about $6 USD.
Of course, the user won’t receive any sort of code. More persistent users who really want to take part may even send another SMS message that will end up costing them $12 USD.

Once it dawns on a user that it’s not worth sending any more SMS messages, it is already too late – the fraudsters have the user’s account details which they will most probably use for further phishing scams.

In this particular case, the phishers aim to make money from the SMS messages that are sent.

Don’t fall for it!