homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Google / Google Gmail Advertising
Forum Library, Charter, Moderator: open

Google Gmail Advertising Forum

Phishing Scam Hits Google Mail Users

 3:12 pm on Feb 25, 2009 (gmt 0)

Phishing Scam Hits Google Mail Users [bits.blogs.nytimes.com]
Now its chat service appears to be the conduit for a rapidly spreading phishing scam.

Gmail users who are logged into the accompanying chat service Google Chat, as most are, have been getting messages that appear to be from friends, urging them to click on a Web address starting with tinyurl.com that takes them to a site called ViddyHo. The site asks for the personís Gmail log-in information and then hijacks the account, sending out chat messages to all of the userís contacts and spreading itself further.



 3:19 pm on Feb 25, 2009 (gmt 0)

same thing that happened with paypal; if you don't know yet, don't sign into google in a domain not owned by google.

although google owns so many properties it may be hard for someone to know what is owned by google. like i sign into youtube with my google credentials all the time. i'm not sure if feedburner offers the same thing;

another problem could arise if you are invited to join a site through google friend connect; they may have a fake widget embedded to lead you to sign in with your google credentials; and blau! phished!


 5:39 pm on Feb 25, 2009 (gmt 0)

Urging them to click on a Web address starting with tinyurl.com

That is the root of all evil if you ask me. Anything behind a shortened URI cannot be trusted. These types of services are on their way out.

What a mess! I've been urging others to also not follow shortened URIs if they are not absolutely sure of its creator. And even then, that third party middle man makes the hair on me neck stand up.

I think this can be seen as killing two birds with one stone. First the Google phish and then the reputation/trust hit on TinyURL. Which was the prime target? Google? Or TinyURL? ;)


 7:15 pm on Feb 25, 2009 (gmt 0)

don't sign into google in a domain not owned by google

That sounds like basic common sense but it's amazing how many people do. It's sites like facebook that wear down people's caution - people seem largely happy to provide their login details at places like facebook. Where then do you draw the line?


 2:10 pm on Feb 26, 2009 (gmt 0)

Lots of wolfs out there and no shortage of little girls with red hoods.

Scams like this will never go away. It's just a matter of educating people on how to spot them.


 2:12 pm on Feb 26, 2009 (gmt 0)

You wonder where brains are stored. These kind of scams don't work when ... heck I'm preachin' to the choir!


 7:52 pm on Mar 2, 2009 (gmt 0)

These kind of scams don't work.

Unfortunately they do to some degree when first exploited. As I alluded to above, I think there are other things at play here. For me, I am now leery of clicking on links that are converted through a URI shortening service. I'll follow them on Twitter because I'm trusting the creator in that instance. But I would NEVER follow one that I couldn't determine the destination and/or the source.

Do you think people are still going to follow those TinyURL links so freely now? As this becomes more and more "in the wild" as they say, you might think that industry has a short life span right now. Anything that interferes with the click to the destination is at risk of being retired to the marketing graveyard. ;)

Global Options:
 top home search open messages active posts  

Home / Forums Index / Google / Google Gmail Advertising
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved