Gmail users have had a rough time of it this week. Just a few hours after the hugely popular webmail service cratered on Tuesday morning, the instant-messaging feature associated with the site became the target of a phishing attack.
The New York Times Bits blog has a post explaining the mechanics of the attack, which essentially mirrors other IM-based scams in which users receive a link from someone on their buddy lists. The link, of course, takes the victim to a phishing site that tries to steal the user’s Gmail credentials.
Google is already on the case.
In a statement released Tuesday night, Google said it had taken steps to help curb the spread of the scam.
“We have blocked the addresses being used to send these messages,” the statement read. “Users of Firefox, Safari, and Google Chrome will receive a phishing warning when trying to visit the ViddyHo.com site.”
