forwardone
02-25-09, 11:44 PM
25/02/2009
A phishing scam which has targeted users of Gmail has been reported by web security experts Sophos.
The firm obtained samples which showed that users were being tricked with a fake instant messaging pop-up at the bottom of the screen.
When email account holders clicked on this message they were redirected to the ViddyHo website, which then invited them to submit their Gmail username and password, leaving unsuspecting members at risk.
'We're all used to receiving suspicious communications via email, but these attacks arrived via the instant chat system built into Gmail,' Sophos' senior technology consultant, Graham Cluley, commented. 'As a result, more users may fall unwittingly into the trap.'
He went on to advise: 'If you think you might have been duped, make sure you change your Gmail password immediately otherwise your entire address book and all your correspondence, including information that you may have archived about other online accounts, will quickly become rich pickings for the hackers.'
The site has now been blacklisted by TinyURL, the address shortening service which it used.
bcs.org
A phishing scam which has targeted users of Gmail has been reported by web security experts Sophos.
The firm obtained samples which showed that users were being tricked with a fake instant messaging pop-up at the bottom of the screen.
When email account holders clicked on this message they were redirected to the ViddyHo website, which then invited them to submit their Gmail username and password, leaving unsuspecting members at risk.
'We're all used to receiving suspicious communications via email, but these attacks arrived via the instant chat system built into Gmail,' Sophos' senior technology consultant, Graham Cluley, commented. 'As a result, more users may fall unwittingly into the trap.'
He went on to advise: 'If you think you might have been duped, make sure you change your Gmail password immediately otherwise your entire address book and all your correspondence, including information that you may have archived about other online accounts, will quickly become rich pickings for the hackers.'
The site has now been blacklisted by TinyURL, the address shortening service which it used.
bcs.org