EmailSafety.net - Gmail's one-two punch: Phishers attack after outage

Gmail's one-two punch: Phishers attack after outage

Anti-Spam Software

What is Spam?

Spam Laws

Spam Facts

User Tips

Common Email Scams

What Are Visuses?

Virus Prevention Tips

Anti-Virus Software

Basic Tips

Recent News

Gmail users were hit with a double whammy Tuesday.

Only hours after Google Inc. fixed a two-and-a-half hour Gmail outage , users of the hosted e-mail service 's instant messaging tool were slammed with a phishing attack. Graham Cluley , a senior technology consultant with the UK-based security firm Sophos, wrote in a blog post Wednesday that the attack spread through the Gmail's Google Talk chat system.

The attackers sent Gmail users an instant message with no more of a lure than the message "check out this video" and a link from the TinyURL service, according to Cluley. The link, which is no longer working, took users to a website called ViddyHo that asked surfers to enter their Gmail usernames and passwords.

Cluley noted that TinyURL has blacklisted the phishers' site so that its no longer operational.

Related Content

"The hackers behind ViddyHo could use the credentials they have stolen via their site to break into accounts, grab identity information and impact your wallet," wrote Cluley. "Potentially, a hacker who has grabbed your Gmail password could have accessed your entire address book and scooped up all of your correspondence, including information that you may have archived about other online accounts."

A Google spokesman noted in an email to Computerworld that the company has received "a number of reports" about the phishing attack from users. "We have blocked the addresses being used to send these messages, and users of Firefox, Safari, and Google Chrome will receive a phishing warning when trying to visit the ViddyHo.com site. We have also identified Viddyho.com in our search results as a phishing site," he said. "We encourage users to be very careful when asked to share their personal information."

The security consultant noted that people are often more susceptible to phishing or malware attacks that are spread via instant message than those that spread through email. People simply are more accustomed to being wary of email, leaving themselves vulnerable to other forms of attacks.

"If you were unfortunate enough to fall for this scam, make sure to change your Gmail password immediately. In fact, also change your passwords on any other site where you might be using the same password as on Gmail," said Cluley.

The Google spokesman added that users also should update their Gmail security questionnaire.

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.

Recent News:

· Feds draw a bead on Russian behind Mega-D botnet
· Ransomware Attack Resurfaces to Hold Files Hostage
· Adobe Reader X Makes PDF Files Safer
· PayPal Users Beware of Holiday Phishing Scam
· McAfee Reports Malware at All-Time High

Site Map | Recent News | Related Sites