iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Google Talk Phishing Attack Sounds Alarms
Search:
[ insider_reports_insider ]

Google Talk Phishing Attack Sounds Alarms



SecurityProNews
Staff Writer
2009-02-25

SecurityProNews: Insider Reports Insider Reports RSS Feed


The old X Files adage aptly applies to the Internet these days: Trust no one. Some Gmail users, already miffed about previous service outages, were invited through Google Talk to watch a video by clicking a link. Of course, bad news awaited.

Google Talk Phishing Attack Sounds Alarms
Google Talk Phishing Attack Sounds Alarms

It could have been really bad news if they'd actually followed the destination site's instructions to enter their Gmail passwords. Called ViddyHo, the website is an obvious phishing ploy to those in the know. But those trusting who appear to be old buddies may have thought it was another application service that asks for access to your email box to populate friends lists.

In this case, it was the old Rickroll out of control. In addition to appearing to be a message from friend, the URL was shortened so that the clicker had no indication of where he or she was clicking out to.

One victim said he thought the message was a from a guy he hadn't seen in years, and couldn't resist the enticing LOL that preceded it. Another accompanying message stated "Check this out."

This latest attack shows that scammers have moved beyond spam and other classic techniques and have begun targeting large, respected companies and social media. Their biggest weapons are various URL shorteners, which reduce and redirect to long URL strings that won't fit into a microblogging or status update field with character limits. While convenient to regular users, they can be dangerous because a clicker doesn't know where the link is leading him.

Shortened URLs have left Twitter and Facebook users especially vulnerable.

TinyURL, the service used in the Google Talk attack, blocked links from resolving to the ViddHo site in response. Perhaps the best way to check shortened URLs is to use LongURL.org to verify or to install a Firefox extension that reveal the destination URL upon a mouseover.


About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds