Gtalk Users Hit by Phishing Scam

Yesterday Gmail users suffered through a major outage in service, lasting several hours and affecting users all over the world. Today’s problem is a horse of another color.

Yesterday afternoon, Twitter lit up with all kinds of complaints about a phishing scam doing the rounds on Gmail’s instant messaging service, Gtalk. Users were complaining that they were receiving messages that appeared to be from trusted friends, instructing them to check out a link. The message was then followed by a TinyURL.

Users who clicked the link were brought to ViddyHo which asks for their Gmail account name and password/requires them to “log in” to view the video their friend is trying to link them to. Accounts are then hijacked and bad things happen to good people (we assume).

While Google has yet to release an official statement about the scam via its Gmail blog, the Wall Street Journal reports Google has warned users about the scam. According to the WSJ:

“This is a phishing attempt,” the company said in a statement, “and we encourage users to be very careful when asked to share their personal information.”

With the rough day Gmail users have already had, we’d say people are pretty frustrated at this stage so a blog post probably wouldn't go amiss. Yesterday’s outage, which lasted roughly two and a half hours was reportedly the “side effect” of a some new code that tries to keep data geographically close to its owner. Check out this morning’s post for the full story.

Create a new thread in the US News comments forum about this subject
This thread is closed for comments
5 comments
    Your comment
  • Tindytim
    I find phishing quite interesting.

    Where normally, an issue is usually a fault of the developer, and a group exploiting a mistake of the developer. In this case, everyone is at fault. The user needs to make the mistake of trusting a site or link.

    I really get an issues with my computer, and perhaps it's because I don't easily fall for phishing attempts.
    0
  • imabug
    this isn't any different from all the other phishing schemes out there that come through my email or other IM protocols. Why should anyone be any more annoyed by one that comes through GTalk than through any other channel?
    0
  • Tindytim
    imabugthis isn't any different from all the other phishing schemes out there that come through my email or other IM protocols. Why should anyone be any more annoyed by one that comes through GTalk than through any other channel?

    Because they used an exploit allowing them to send the phishing sites from people on their contacts lists.

    Not that I'd click it anyway.
    0