Just a while back i got an Instant Message from one of my colleagues who hardly ever chats with me. Surprisingly it was a Tinyurl link which said something like – “LoL! Check out for this funny video “, which was so unlike him to send an URL of a funny video. But still i went ahead and clicked on it and i was taken to a website – Viddyho.com (I am not linking to it – no way) which asked me to login to GTalk by entering my GMail username and password in the space provided!


Obviously it looked fishy (phishy). Why would anyone needs to login to GTalk to watch a funny video? Good try buddy, but I am not someone who would fall for it! But I am not sure how many have fallen for it. One of them of-course was my friend who had promptly logged on using his GTalk user-id and password. Once he did, it smartly sent IMs to all his contacts with tinyurls pointing to viddyho.com. It might just be a prank or an actual phishing link. I am not too sure about it right now. But I would surely update this post soon. Keep plugged in.

@Mashable tweets to all their followers on twitter about Viddyho being a scam site. Still no clarity on if its a phishing link or not.

Lot of people confirming about this and now asking for a solution. If you have fallen PREY, just change your password RIGHT NOW. if you are on Firefox, clear your cache and cookies and restart your Browser. More updates soon.

My small VPS was not able to handle so many concurrent users. Sorry for any downtime. Blogstring confirms that Viddyho is indeed part of a phishing network with similar phishing hooks for Myspace, MSN messenger, ICQ etc.

Image updated & Credit: NyTimes


Raju is the founder-editor of Technology Personalized. A proud geek and an Internet freak, who is also a social networking enthusiast. You can follow him on Facebook and on Twitter. Mail Raju PP. Follow rajupp


  • iamurdestiny

    Got msgs like this from few folks…..i thght, “Why wld anyone sign-up into a website with his / her gmail id and password to watch a VIDEO?”.

    Definitely a phishing site!!


  • Kaushal

    Hey, I too got that but I of course did not enter my precious password over there :) People should at least change their password after such foolishness. I’m glad that such phishing sites don’t take the passwords from our stored cookie sessions.

  • Jimish

    Surely, Its happening… I have atleast got 5-6 of them in last 1 hour… Luckily, I did not give my id/password…

  • VS

    omg! please post a solution to this. like your friend, i unsuspectingly did the same thing and it proceeded to send all my contacts that crazy message. i change my password and i’m hoping that solves the problem. would love to see if there are more steps needed to fix this. thanks!!

    • http://techpp.com Raju

      Change your password right NOW. If you are on Firefox, clear your cache and cookies.

  • http://www.energycircle.com Tim

    I just had someone tinyurl me the same link over iChat. Some long viddyho.com url slash a bunch of stuff. It took forever to load, so I closed the tab.

    I IM’d him back asking what it was, and he told me he got some kind of virus on his iChat client. He appears to keep going online/offline, but hasn’t sent me anything since.

    Hoping I’m not at risk because the page never loaded.

    Tims last blog post..*Energy Star* Sofas

  • http://Silona.org Silona

    SCAM! Because it happened to me and @ekai as well.

    don’t give away those gmail passwords peeps!!!

  • atta boy

    It happened to me too. I received a video message in gtalk from someone I have not chatted with in 3-4 years. Even if it had been from a friend, none of them are retarded enough to start a message with ‘lol’. I did a preview.tinyurl.com and saw it linked to some viddyho website. Nice try, @$$holes! I am not falling for it. Though I received a couple more of those links so some people are buying it. If this spreads, tinyurl.com will be pariah-ed , and I feel sad for that.

  • ADD

    you might add to the article: dON’t Ever eVer put your password into a site that is not the site where you created it.

    it’s like sharing needles or sleeping around – at some point it’ll catch up with you

  • http://www.softwaretestinggenius.com Yogindernath

    I think we should see the complete URL first before entering our credentials.. I really dont understand how people take it so lightly..

    Yogindernaths last blog post..How to Data Drive a Test Script using IBM – RFT?

  • latestnightowl

    If you clicked on the click but didn’t enter any info, are there any precautions to take? I guess I clicked on the tinyurl link during the peak of the storm because the viddyho website was down (servers were busy), although I definitely wouldn’t have been silly enough to fork over my password…

    • http://techpp.com Raju

      I did the same thing and I didn’t want to risk my gmail account at any cost. Just changed my password.

  • Ross Craig

    We are told all the time not to click on links in emails, but on Twitter it is flooded with TinyUrl, are they any safer, NO.

    I never got this in my gtalk, but I did see this somewhere else though, I never did click on the link.

    • http://techpp.com Raju

      Valid points mate!

  • Jenny

    These points are definitely valid and we should not take it lightly..

  • Jagadish Aahir

    very very nice service.pleae help our non profit organition to prevent cyber crime.thanks