ID thieves go phishing for GTalk, GMail passwords

Moderator: savanb

ID thieves go phishing for GTalk, GMail passwords

Postby long_way » Thu Feb 26, 2009 8:48 am

February 25th, 2009
ID thieves go phishing for GTalk, GMail passwords
Posted by Ryan Naraine @ 7:50 am

( http://blogs.zdnet.com/security/?p=2682&tag=nl.e539 )

If you use Google’s GMail or GTalk services, pay special attention to random e-mails or instant messages requesting your login credentials.

There is a major spam run underway with a phishing scam using social engineering techniques to snag Google Account usernames and passwords and, according to multiple reports, the attack appears to be very effective.


This image ( http://i43.tinypic.com/28kue4y.jpg ) shows a GMail message that purports to be an account termination warning from Google but, if a user is tricked into clicking on the link, he/she is redirected to a fake GMail page requesting the login credentials.

On the GTalk side, the scam is perpetuated via an IM with a TinyURL link that redirects to a ViddyHo login page.

That page instructs them to enter their Google account information, which is then used to break into the victim’s account and send the link to other users in the victim’s address book or buddy list.


Andrew Ostrow at Mashable says he received several GTalk messages with the scam on the same day:

I became alerted to it when I received IMs from three people I hadn’t talked to in some time within a matter of minutes – one a marketing exec at a prominent startup – with typical phishing jargon “check this out!” with a link to a tinyurl that when clicked, points you to a site called ViddyHo. Apparently, the site sends out the message to all of your Google Talk contacts.
These types of phishing attacks are not new but it’s interesting that Google is the target of a multi-pronged phishing attack at the same time. Google Accounts, in some cases, are tied to valuable properties — Google Checkout, Google Adsense, etc. — so a compromised account can lead to actual financial damage.

If you suspect you may have been tricked in this (or any phishing attack), it’s important that you immediately change your account password and security question.

As always, whenever you encounter a Web site asking for login credentials, stop a think carefully.

* Image via the Wall Street Journal, which got a confirmation from Google on the attacks.
long_way
 
Posts: 737
Joined: Fri Feb 09, 2007 8:56 am

Return to Web Sites

Who is online

Users browsing this forum: No registered users and 0 guests

cron