Twitter is abuzz with news that iStockPhoto, a photo store that was acquired by Getty Images in 2006, has been hit with a phishing attack. All users who have logged into the site today are being instructed to change their passwords (presumably because they have been compromised) and the site’s homepage has been taken down.
While the site is currently inaccessible, Sean Locke writes that the site did offer a brief explanation earlier this evening:
This afternoon a phishing attack was conducted in the forums and through sitemail. This attack created a fake istockphoto.com login screen, prompting users for a username & password, saved them to a malicious server, then redirected the user back to the iStockphoto main page.
Update 7:18 PM PT: A spokesperson responds in comments
There was indeed an attack against iStock today that was discovered by our security team. As a precaution we took down the site but it will be up shortly. Please see the site for further details.
It appears to be back up now.
I hope they get it up as soon as possible, I need Istockphoto.
TechFilipino
lame. GOD I HATE BLOG SPAMMERS!
Well maybe Blog Spammers hate you!
This is terrible.
As if we did not have enough things to worry about …
talk about owned
Hello–There was indeed an attack against iStock today that was discovered by our security team. As a precaution we took down the site but it will be up shortly. Please see the site for further details.
Thanks!
Probably nothing to do with phishing? If we took our site down each time there was a phishing campaign targeting our users we would never be up.
The end is near. Time to repent.
Great to hear the crack security team knew what was going on, right after it was obvious.
LOL!
A wise man once said, don’t keep all your credits in one stock photos site. Plenty of clone sites out there until they get back up and running.
We brought the site back up at 8:10 pm.
I was wondering why iStockphoto’s emails slipped into my gmail spam bin.
Good thing all 17 followers were notified immediately
What he said!
Users will understand the first time but will be mad as hell if this happens again. It does take a crisis to provoke change.
I recently had about 25 of my blogs deindexed from Google due to a similar attack. I spent a good 2-3 years of my life working on them and now my income has been reduced to pretty much nothing. My prescription expenses alone are about $500/month and I haven’t got one bit of help from Google.
Cry more no one cares about your life story
Hahahahahahhahahah!
I always loved istockhphoto and it’s a real shame that this has happened. I hope they get up and running again soon.
I had this fishing mail days ago. I guess I was one of the first to receive this email cause gmail didnt filter it. I considered warning iStock but I thought someone else must had already warned them.
It wasn’t just a phishing thing…even though I hadn’t logged into their site in 2+ years, one of my credit cards had a $1500 charge from them.
Hi, Marla– We tried to call you directly today but the number listed on your account is invalid. We need to assure you that no financial information is stored on iStockphoto.
If we can help you further, please e-mail biliana@istockphoto.com.
Thank you.
Kara
Kara – Thank you. I will email the address you supplied. I was trying to call the phone number supplied on the website but you weren’t open yet when I tried.
Marla–I just talked to Bili. I’m glad you’re issues were resolved. See you in the forums.
sory–shoud say “your.” I clicked in two places!
Thanks for your help (and Bili’s). I’m all set now and much happier!
What is the business model for these fraudsters?
How will they make money on this phishing attack?
Probably they’re waiting for 10 or 12 million users to figure that out! If twitter can, so do they!
I did not receive any phishing messages in my istock sitemail. Thank God.
I’ve found in my spam in gmail such a letter from LookStat:
«If you have not already heard, istockphoto suffered a phishing attack today on their site forums. They have rectified the situation but they have requested that users change their passwords on istock. If you do change your password there please remember to update your LookStat account settings so the system can continue updating your stats.
You can get more information on what happened here: http://www.isto...hreadid=85143»
So I afraid that attack could affect not only on iStockers…
Seems to be happening often these days doesn’t it? That or I read tech blogs too much. Or both. This digital security site has a ton of information on avoiding/understanding/etc. phishing attacks.
I like very much the writings and pictures and explanations in your adress so I look forward to see your next writings.
To provide useful information, please click to view
Bose headphones
ghd Hair Straightener
Women is Dakota
Sundance UGG Boots
Thank you!