Archive for February 25th, 2009

Gmail Phishing Scam

Wednesday, February 25th, 2009

Recently, a phishing scam has cropped up in Gmail, affecting users that are logged in to the chat facility.  Once a user has logged into Gmail, a message appears from a friend telling the users to click on a link.  Of course, this is not sent from a friend but is part of a malicious phishing program.

Once clicked, the link redirects users to a website called ViddyHo, which prompts people to enter their Gmail login details.  If details are entered, the program hijacks the email account and begins sending more messages to the owner’s friends.  This has given the scam the ability to spread itself across Gmail at an alarming rate.

Phishing scams such as this are becoming increasingly common.  Whilst the websites may look innocent enough, they are often used as a medium to transfer malware to computers and extract passwords, account details and other personal information.  There is often a “hook” behind these scams - something that arouses curiosity or gains trust.  For example, many “successful” viruses and scams appear to come from close friends.

Regular virus scans and password changes will help keep people protected from phishing scams but one of the best forms of protection is a cynical mind.  If something seems too good to be true it usually is.  If a website asks for login details, be very sure that it is a legitimate request from a trusted site.