...

Roskachestvo ā€“ about new scheme of fraud with VKontakte archives

Roskatchestvo Digital Expertise Center experts have detected a phishing cyber attack on accounts of VKontakte users. The attack is aimed at stealing the userā€™s password in order to hack into the social network and use it to send fraud and spam. Together with the social network VKontakte we analyze this scheme and tell you how to avoid this trap and continue to safely use your favorite social network.

image_2

Vkontakte social network allows users to upload all the data collected by the network for the duration of the user account. The archive provided by VKontakte contains a large amount of information, including all of the userā€™s conversations. Only user who is logged in to his account can order delivery of archive, and it cannot be done from outside. This is an attacker who tries to imitate an attack to gain access to a userā€™s profile, playing on the victimā€™s fear that their communications will end up in the wrong hands if left unchecked.

An attack occurs in the following way: a user who has an account in VKontakte receives by e-mail, push-notifications or private message a message like ā€œan archive of all your conversations will be created in 24 hours and sent to e-mail XXX. As the mailbox is not obviously belonging to the user, such as artem*****@mail. What follows is a classic phishing scheme: the user is prompted to log in to his account to cancel the creation and transfer of the archive, as well as to change the password at the link. Except that this link which leads every time to different sites having vk in the name is a phishing, although its form is very similar to the real one ā€“ the design of the phishing resource is maximally similar to the site of the social network.

For example, we noticed the site vkarchives.com, which at the time of this writing has been removed, and clicking on this link has been blocked by VKontakte security agents to protect its users. If a user enters his password in a fake site form, he gives his account right into the hands of a hacker, as they say, warmly. Changing the password is certainly a useful thing, but not on a fraudulent site, but on the original site of a social network!

Ilya Loevsky, deputy head of Roskatchestvo.

ā€œAn attacker who hijacks your social network profile can actually order an archive upload, and this is potentially dangerous. The archive contains not only the public information of your profile, but also, for example, documents uploaded by the user, phone number references, payment history, and a list of bank cards used. All of this can be used by an intruder to his advantage and, of course, can cost a user a lot. You should be careful when using social networks to recognize hacking attempts.ā€

In order to avoid becoming a victim of scammers through this scheme, the following rules should be observed:

  • Do not click on links from messages, especially those playing on emotions both negative ā€œyou were hackedā€ and positive ā€œyou wonā€ .

  • Type the address of a social network only manually in a browser, or better yet, use the social networking application. Never enter your passwords or logins on unauthorized sites. Even if the site looks like

  • your favorite social network, always check in the address bar where you are.

  • In case you are not sure about the security of your social network account, change your password, read the official FAQ and contact technical support ā€“ do not take any rash actions that you are not sure about.

  • Use two-factor authentication 2FA .

  • If youā€™ve used such links, please change your password to secure your profile. And better ā€“ do it right now as a preventive measure, without waiting for hacks, because some cases of your questionable transitions you may have forgotten about. This is a recommendation from VKontakte support agent.

Alexander Shvets, director of VKontakte user privacy protection, commented on this type of fraud and methods to combat it: ā€œAttackers can create phishing sites and send spam emails masquerading as popular resources. In this case, of course, no one is breaking into our servers, no one is accessing our databases. People themselves unintentionally give their profiles to crooks, gullibly clicking on unverified links. On average we send about 10 thousand warnings about password change per day. We promptly block clicks from VKontakte to malicious sites. In addition, we recommend that you do not use malicious programs that ask for personal information to receive features that are not in VKontakte: view other peopleā€™s hidden photos or ā€œguests of the pageā€, unlimited gifts or free votesā€.

Vkontakte specifically emphasizes that it is impossible to download personal archive with profile data without confirmation from the device connected to the account, and that a unique download link cannot be opened from another profile. In addition, the archive itself can be encrypted with a personal OpenPGP key.

Take care of your social networking pages, because they are your online identity. Its loss can be a huge problem for many!

Rate this article
( No ratings yet )
John Techno

Greetings, everyone! I am John Techno, and my expedition in the realm of household appliances has been a thrilling adventure spanning over 30 years. What began as a curiosity about the mechanics of these everyday marvels transformed into a fulfilling career journey.

Home appliances. Televisions. Computers. Photo equipment. Reviews and tests. How to choose and buy.
Comments: 3
  1. Hadley

    Can you please provide more information about the new scheme of fraud with VKontakte archives that you mentioned in this text? Iā€™m curious to know how it works and what steps can be taken to protect myself from falling victim to this.

    Reply
  2. Indigo

    Can you please provide more information on the new scheme of fraud with VKontakte archives that Roskachestvo has discovered? What are the key details and how can users protect themselves from falling victim to this scam?

    Reply
  3. Riley Stewart

    Can you please elaborate on the new scheme of fraud with VKontakte archives that Roskachestvo has discovered? How does this scheme work, and what should users be aware of to protect themselves from falling victim to it?

    Reply
Add Comments