Experts from the Roskachestvo Center for Digital Expertise have recorded a phishing attack on the accounts of users of the social network VKontakte.
The attack aims to steal the user's password in order to take over the profile and use the account, for example, to send spam.
In the new scheme, attackers exploit VK archives. The social network allows users to download all of their data as an archive. The archive contains a large amount of information, including all of the user's dialogues. Only the user can request the archive.
It is this archive request that the attacker simulates to gain access to the user's page, playing on the victim's fear that their correspondence will fall into the wrong hands.
As experts explain, the attack proceeds as follows:
A user with a VKontakte account receives a message (by email, push notification or private message) such as “An archive of all your correspondence will be created in 24 hours and sent to XXX mail.” The address given is a mailbox that obviously does not belong to the user, of the form email@example.com. Next comes the classic phishing scheme: the user is prompted to log in to the account in order to cancel the creation and transfer of the archive, and to change the password using the link. But this link (which leads each time to a different site with “vk” in the name) is a phishing link, although the form looks real: the design of the site is as close as possible to that of the social network.
If the user enters their password into the form on the fake site, they hand their account directly to the hacker.
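The links described above carry “vk” in the host name without belonging to the social network, so a mail or message filter can compare each link's host against an allowlist instead of searching for the brand string. The sketch below is an added example, not part of the original report; the allowlist (`vk.com` only), the function names and the sample message with its `.example` hosts are assumptions constructed for illustration, and the "vk" substring test is a heuristic that can flag unrelated hosts.

```python
import re
from urllib.parse import urlsplit

# Assumption: the only host trusted here is vk.com; extend to your own allowlist.
OFFICIAL_DOMAINS = {"vk.com"}
BRAND = "vk"
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def is_official(host):
    """True only for an allowlisted domain or a real subdomain of it."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def classify_link(url):
    """Return 'official', 'lookalike' (brand string in a foreign host) or 'other'."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "other"
    if is_official(host):
        return "official"
    # A host such as vk.com.security-check.example starts with the real
    # domain but is registered under a different one, so it lands here.
    return "lookalike" if BRAND in host else "other"


def suspicious_links(message):
    """Extract every URL from a message and return the lookalike ones."""
    urls = [u.rstrip(".,;:!?)") for u in URL_RE.findall(message)]
    return [u for u in urls if classify_link(u) == "lookalike"]


# Constructed sample message modelled on the lure quoted in the report.
SAMPLE = (
    "An archive of all your correspondence will be created in 24 hours. "
    "To cancel, log in: https://vk-archive-cancel.example/login. "
    "Settings: https://vk.com/settings "
    "Mirror: http://vk.com.security-check.example/cancel?id=1"
)

if __name__ == "__main__":
    for link in suspicious_links(SAMPLE):
        print("lookalike:", link)
```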