Tuesday, February 24, 2009

Fast-Spreading Phishing Scam Hits Gmail Users
By Jenna Wortham
UPDATE 6:45 p.m.: This post has been updated to include analysis from a security expert.

Google just can’t get a break today.

First, Google’s e-mail service froze for several hours, locking out millions of users. Now its chat service appears to be the conduit for a rapidly spreading phishing scam.

Gmail users who are logged into the accompanying chat service Google Talk, or GTalk, have been getting messages that appear to be from friends, urging them to click on a TinyURL Web address that redirects to a Web site called “ViddyHo.” The site asks for the person’s Gmail log-in information and then sends out chat messages to all of the user’s contacts, spreading itself further.

The online service Twitter had a steady stream of complaints and warnings about the attack. “To anyone who receives a Viddyho invite from me, please ignore it,” a Twitter user named Zaffi cautioned Tuesday. “I think I’ve been duped.”

Avivah Litan, a security analyst with the research firm Gartner, said phishing attacks luring Web surfers to click on videos have been steadily increasing over the last six months. Consumers have “wised up” to e-mail messages masquerading as notes from banks and credit card companies, Ms. Litan said. Now, she said, phishers are sending video invites that play on hot topics and news events (in this case, a video starring the comedy troupe The Lonely Island and the singer T-Pain). While the video plays, the site might be downloading so-called malware in the background to infect the victim’s computer.

“These criminals really know how to get people’s attention,” she said. “It’s the modus operandi that’s favored by the crooks, and it’s working pretty well. They laugh all the way to the bank.”

For users who fell victim to ViddyHo, Ms. Litan recommends changing passwords and running a virus scan, although she warns that might not be enough. “In the really sophisticated cases, you could run 40 antivirus programs and it might not find any malware,” she said. “You may need to make a backup, delete everything and start over. That’s the safest thing to do.”
