A couple hours ago, I was pinged by a fellow blogger on Google’s GTalk instant message service, telling me to click on an abbreviated URL link that led to a site called “ViddyHo.” The blogger doesn’t normally ping me, and the message was strangely nonspecific — “hey, check out this video: http://tinyurl.com/cmy22l.” So while [...]
I got scared and didn’t do what ViddyHo wanted me to, which was provide the site with my Google username and password — the bloggers who pinged me weren’t so lucky. ViddyHo had grabbed their info in order to spam me.
It’s not clear how many users gave their info to ViddyHo, but Google is now advising the internet that the site a phishing scam. See the screenshot above, that I took at the ViddyHo.com URL. TinyURL, the URL abbreviation service used by the scammer, has also cut it off. I have an email in to Google, asking how many users were affected, how the company plans to stop future such efforts, etc…. I’ll update when or if I hear back.
But it’s been a tough day for the company, and I bet they have their hands full. Gmail — a service that many use in conjunction with GTalk — went down around the world.
In any case, hopefully this is just a talented yet foolish hacker messing around, and not somebody who now might be busy messing around with the Google accounts they’ve just gained access to. Perhaps, as Marshall Kirkpatrick notes over on ReadWriteWeb, this person just wanted more pageviews:
The page itself is quite benign looking, though we find it pretty funny that whoever has created the attack has put pageview tracking code from both Google Analytics and Quantcast on it. Impressed much with yourself, you little social engineer you?
Anyway, for everyone who didn’t get hit with the phishing spam, hey, check out this video http://tinyurl.com/bq9vfw.
0 Responses to ViddyHo gives GTalk users a case of the worms