Google Talk Users Hit with Phishing Attack After Gmail Outage

Phishers are targeting Google Talk users with a phishing scheme to get them to give up their user information. The scam tries to lure victims into clicking on a link that leads to a phishing site called ViddyHo.

More bad news for Google - some 24 hours after a Gmail service blackout, users of Google Talk became the target of a phishing scam seeking to trick them into giving up their user credentials.

Google Talk is Google's instant messaging system. According to Sophos, users have been getting unsolicited messages urging them to "check out this video" by clicking on a link via the TinyURL service. The link directs users to a Web site called ViddyHo, which asks users to enter their Gmail usernames and passwords to get access.

Graham Cluley, senior technology consultant at Sophos, said it is unclear just how widespread the attack is at the moment, but many people have reported receiving the message.

"If you look on Twitter, for instance, as well as other places on the Internet, for ViddyHo you'll see a lot of people have received these," he told eWEEK.

Phishing over IM is nothing new. In fact, IM is becoming more of an attack vector for hackers and malware. In their 2008 Annual Security Report, Symantec's MessageLabs reported that as many as 1 in 200 URLs sent by IM in the second half of 2008 were malicious.

IM can be appealing for phishers because users are more accustomed to receiving malware via e-mail, making them more trusting. Falling prey to this kind of phishing attack can have consequences beyond Gmail, as many people use the same password for multiple Web sites.

"Certainly we have seen an increase in reports of instant messaging phishing and scams," Cluley said. "Not just via IM systems like Google Talk, Skype, MSN and AOL IM, but also through social networks like Facebook."

TinyURL has now blacklisted the site, so the link no longer works. However, there is nothing to stop the hackers using other URL shortening sites or setting up alternative phishing sites to try and steal from the unwary, Cluley noted in a blog post about the attack.

"The message is simple," he wrote. "You should always be wary of clicking on unsolicited links and be extremely careful whenever a Web site asks you for a username and password."