Now its chat service appears to be the conduit for a rapidly spreading phishing scam.
Gmail users who are logged into the accompanying chat service Google Chat, as most are, have been getting messages that appear to be from friends, urging them to click on a Web address starting with tinyurl.com that takes them to a site called ViddyHo. The site asks for the personís Gmail log-in information and then hijacks the account, sending out chat messages to all of the userís contacts and spreading itself further.
Msg#: 3857492 posted 3:19 pm on Feb 25, 2009 (gmt 0)
same thing that happened with paypal; if you don't know yet, don't sign into google in a domain not owned by google.
although google owns so many properties it may be hard for someone to know what is owned by google. like i sign into youtube with my google credentials all the time. i'm not sure if feedburner offers the same thing;
another problem could arise if you are invited to join a site through google friend connect; they may have a fake widget embedded to lead you to sign in with your google credentials; and blau! phished!
Msg#: 3857492 posted 7:15 pm on Feb 25, 2009 (gmt 0)
don't sign into google in a domain not owned by google
That sounds like basic common sense but it's amazing how many people do. It's sites like facebook that wear down people's caution - people seem largely happy to provide their login details at places like facebook. Where then do you draw the line?
Msg#: 3857492 posted 7:52 pm on Mar 2, 2009 (gmt 0)
These kind of scams don't work.
Unfortunately they do to some degree when first exploited. As I alluded to above, I think there are other things at play here. For me, I am now leery of clicking on links that are converted through a URI shortening service. I'll follow them on Twitter because I'm trusting the creator in that instance. But I would NEVER follow one that I couldn't determine the destination and/or the source.
Do you think people are still going to follow those TinyURL links so freely now? As this becomes more and more "in the wild" as they say, you might think that industry has a short life span right now. Anything that interferes with the click to the destination is at risk of being retired to the marketing graveyard. ;)