Gmail users hit by phishing chat attack, Sophos reports

IT security and control firm Sophos is warning Gmail users to be on their guard against phishing attacks, following news that the e-mail system has been the target of a campaign that spread via the Google Talk instant messaging chat system.

Samples intercepted by SophosLabs reveal that the unsolicited instant messages urge users to "check out this video" by clicking on a link via the TinyURL service. The link, however, directs users to a Web site called ViddyHo - which asks surfers to enter their Gmail usernames and passwords. Sophos warns that the hackers behind ViddyHo could then use the details they have stolen to break into accounts, steal sensitive information and commit identity theft.

"While everyone is used to receiving suspicious communications via e-mail, these attacks arrived via the instant chat system built into Gmail. As a result, more users may fall unwittingly into the trap," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.

Users who think they might have been duped are advised to change their Gmail password immediately, or risk their entire address book and correspondence, including information that may have been archived about other online accounts, quickly becoming rich pickings for the hackers.

Sophos research shows that 41% of computer users have the same password for every Web site they access. It is, therefore, crucial for victims of this attack to change their passwords on any site where they are using the same password as their Gmail account.

"You should always be wary of clicking on unsolicited links, whether received over e-mail or IM, and be extremely careful whenever a Web site asks you to enter your username and password for another site," Myroff adds.

TinyURL has now blacklisted the site, meaning that the link will no longer work. “There is, however, nothing to stop the hackers using other URL shortening sites or setting up alternative phishing sites to try and steal from the unwary.”

For more information, including screenshots of the attack in action, please visit Graham Cluley's blog: http://www.sophos.com/blogs/gc/g/2009/02/25/gmail-users-hit-viddyho

Sophos South Africa

Netxactics, trading as Sophos South Africa, is a South African-based company focused on the provision of security solutions. It is the Master Distributor for UK-based Sophos, one of the leaders in the provision of network access control and endpoint, e-mail and Web security and control solutions for the corporate environment. For more information, visit Sophos South Africa at http://www.sophos.co.za.

Sophos

Sophos enables enterprises worldwide to secure and control their IT infrastructure. Our network access control, endpoint, Web and e-mail solutions simplify security to provide integrated defences against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, we protect over 100 million users in nearly 150 countries with our reliably engineered security solutions and services. Recognised for our high level of customer satisfaction, we have an enviable history of industry awards, reviews and certifications. Sophos is headquartered in Boston, Massachusetts and Oxford, UK.

Editorial contacts

Adriaan du Plessis
Me Talk Pretty
(011) 447 3785
metalkpretty@telkomsa.net
Brett Myroff
Sophos South Africa
(011) 444 4000
brettm@sophos.co.za