Why am I always posting about Orkut? I donno, I have some affection towards Orkut more than to my wife* (I mean Orkut, the social networking site; don’t think it otherwise…). Thought of an Orkut-free post this time, but something ‘worse’ happened today which forced me to write this one.
Orkut (Google) account getting hacked is not a new thing these days. Have heard many cases of hacked accounts, stolen communities etc etc. This month beginning, one of my cousin’s Google account was hacked, very fortunately he got it back. Met another guy, whose community was stolen. Again, in this case too, he got his community back.
What Should I do, if my account is hacked?
Report it to Google (or this one) immediately. The victims of the above mentioned cases, and many others got their ‘lost possessions’ back, after reporting it to Google in right time.
And remember, prevention is always better than cure. There is no surety that you will get back your account. By, following few steps, you can avoid the chances (and not eliminate, I repeat, not eliminate) of your account being hacked.
- Never run javascripts (Even if those were scrapped by someone in your list, or a close friend).
- Click CAUTIOUSLY on links in scraps, mails etc. Move your cursor to the link, and ensure by checking status bar, that this link takes you to a legitimate site. Check this link to know ‘why’?… this is another resource.
- Avoid (as possible as you can) tiny urls and similar shortlinks. If it is a tinyurl, use this to preview, before being automatically taken to the target site.
- Though optional, always provide a secondary e-mail address. [Check the second comment of this post]
- Never display pincodes, birthdates etc publicly in your profile [Check the fourth comment of this post]. If you are using Hotmail as then these details can be very very dangerous. It is very easy to crack into a Hotmail account using your Orkut profile. As a thumbrule, ‘Never mix Orkut and Hotmail’
- Never click on newsonfocus or merinews links.
- If you are community owner, its better to create another profile (ahem! a fake, or what you call it, 😀 ) to OWN & MANAGE your community. So, that even if gets hacked, the chances of retrieval of the account AND community remains substantial.
- Beware of fake login pages (Orkut or Okrut, like that).
- Don’t forget to logout of Orkut (Not only Orkut, all sites) after browsing from a cyber-cafe.
One thing Orkut should do to improve the security is, to implement https:// (Use https:// whenever wherever possible) in Orkut server, which was available till last May. Though, it won’t protect you from hackers in Orkut, it will protect your privacy and password while communicating with the Orkut server, as the communication is encrypted (hence the name ‘secure’).
Orkut Anti-Hacking community, is doing a great job and has someone in there with ‘real’ grey-matter. I reccommend this community, and got those last two points from this community.
Always keep in mind, “No one can cheat (hack) you, unless and until you give them the permission to, knowingly or unknowingly“.
*I am a chronic bachelor of age 24, and ‘wife’ is used to exaggerate things for the sake of fun.
UPDATE:- Suggested Reading, Stolen Orkut Forums, And Ways To Get Them Back
Thanks for the strategic information sir…
Pratheesh, first of all thank you very much for this post!
I was ‘thinking’ abt a post like this the day I got my account back! BTW I am the cousin whose account got hacked and was fortunate enough to get it back.
I guess I gratuitously provided my login info through one of those so called ‘fake’ login pages. The hacker might’ve been interested in taking my orkut accnt only, for what so ever reasons only known to him. But I lost my primary mailbox which I was using to get in touch with the world, and all other Google services I was addicted to! I can tell you it was one of the very frustrating week of my life, getting in touch with all my contacts to make them aware of the incident, reporting to Google, finding all those info they want from pre-historical era!, and trying to setup some mode of communication with the hacker!
I can share with you the details of kind of information Google will be looking for when you report such an incident. Then look for some solid proof from which they can make sure that you are the ‘real’ one.
1. The registration key – it will be sent to your secondary mail id when u create your Google accnt (obviously I didn’t have it with me). If you’ve this you then u r safe.
2. Info on when you created your accnt, who invited you, and the invitation url! – Thankfully I was able to dig out the invitation mail I received in 2004.
3. Details on when u last changed your password and security question. And what security question you’ve set!
4. Then you can provide any other information that you think can confirm your identity. If you’ve setup a Google check out accnt, details of your credit card, if you’ve your phone number listed in your profile details abt that etc..
It should be a good idea to get this info and save it somewhere you can refer in future. In case… 🙂
well… my friend has lost his profile. in name of his friend, he is not able to log on. profile is still visible in orkut, a single scrap says, sorry, i have stollen your scraps, please call me to get them back!!! did somthing like this happened to you?
Another important thing, never give your birthday to Orkut or make it visible to everybody. Many e-mail systems uses date-of-birth as an option to retrieve passwords, better avoid publishing your birth date. Or else, always select a security question and answer.
—
hmm i see so u r in love with orkut! pity ur wife! anyway good luck man! have fun!!! 😛
”No one can cheat (hack) you, unless and until you give them the permission to, knowingly or unknowingly“.
very true … keep posting
🙂
it’s really informative.. go ahead buddy.. expect more like this from u.. 🙂
A good informative work from you.
“Never display pincodes, birthdates etc publicly in your profile”.Once i have got problem with this one.
”No one can cheat (hack) you, unless and until you give them the permission to, knowingly or unknowingly“. Very good thinking!!!……
very good pratheesh. thank u
hey ..do u read my mind??
i was just thinking from quite a few days back on this topic..nevertheless i would post one with some extra stuff ofcourse
WEll,abt ur topic..those are some worthy points u mentioned ..cheers!! ORKUT WAS CERTAINLY ONE OF MY WIVES ,NOT ANY MORE 🙂
off topic :: well ,ur words worked ,i became #1 blogger in wordpress atleast for one day 😛
and one more advice i would give in forecoming post that is next week is to learn basic hacking..u could write that too in ur post..”whenevery body is a hacker ,no body would be”
not to mention i was crazy once upon a time reserching lot abt hacking..hacked couple of accounts myself just for fun…anyway that has become obsolete now in my mind..
now i dont have to worry when my profile is hacked¬i have the solution from pratheesh
thankyou
Not happened yet to me. just awaiting the date when it happens. Guess I’ll change my login email now.
hey prateesh…..thnx 4 makin all of us aware bout dis……i ll follow sm of d rulz givn……
thanxs Dr pratz…for advicing caution….
never seen a gud Samaritan like u before…
afraid,ages to cum wil anyone in flesh nd blood be like u..
thanks for ze tip and thoose pages links you mentioned are cleverly implanted fake logins which will give the username and password to the hackers
Actualy which cousin’s id got hacked do mention it
i too had this pblm..but the hacker just changed the password of orkut and did nothing with ma mail id and i reported to google security center and gave my email id and google send me the new password 😀
Yeah, I’ve heard about Orkut javascript but if someone had sent you an mail to you then do not open othereise they got your password as well… so be careful… NEVER TRY TO CLICK ANY WEIRD LINKS!!!
Pratheesh, your blog seems to be amazing and hard work… 🙂
Take a look => http://www.orkut.com/CommTopics.aspx?cmm=35726187
Hey.. good stuff man..
cool… its good to be cautious, and u hav made a triger to it.. its nice.. useful info..
quite informative….keep up the good work dude…!
Oh! Wrong thread but I need input/ advise please. I had my flickr pictures as public & for a few days I had it linked to my orkut, On hindsight, I agree that was very stupid and I was extremely naive. Soon like within a month I realized my folly and made all my pics private. Guess what happens, I get an email from a friend’s friend who has seen my activity in his scrap book alerting of this @$$ who have created an obscene profile complete with my pictures. What scared me most is that he even had my most recent ones which I had on public for a day till my family catches up with my latest pics. He has saved them all- I immediately alerted orkut- gave them a copy of my DL. I have requested orkut to kindly give me the IP address and also the email id that invited this person. I plan to prosecute this person and I’m willing to chase him to the end of the world. I wish I was in India coz they have cyber police who help out matters..Any guidelines on what to do in America?? Guys any help is appreciated. Please reply back on this thread
u know wat happened to me…
i was completely….hacked in all aspects….
shatterd out there….
thus i came into hands of evil….
there are much more than these simple java scripts to hack…….
more..than u can imagine
powerful bugs ……
Thanks for the post 🙂 I”been using orkut for almost 2 years now 😉 so this should help
frnds my orkut account is hacked by sumone…n is misusing my account…pls help me get out of this problem..i realy need ur help
Hello my friends 🙂
😉
[…] optional, always provide a secondary e-mail address. [Check the second comment of this […]