Those nasty phishers are getting even more creative in their quest to steal our financial information, this time playing off the Google brand name.

Phishing, a form of profit-oriented malware, started as emails that led people to counterfeit websites designed to trick them into divulging account names and passwords. But now phishing threats are coming at us through more than just email.

Security researcher Facetime suggests that phishers are flooding instant messaging (IM) and internet relay chat (IRC) with messages that lead people to download a bogus Google toolbar.  The sole purpose: to steal credit card details.

According to Facetime, two URL links are circulating through IM and IRC programs.  Both entice users with a link that when clicked on leads to a mock page that installs a fake Google toolbar and hijacks a Windows HOSTS file—a file that tells your computer which numerical IP address is associated with what URL.  With the help of the rewritten HOSTS files, the toolbar redirects Google addresses and pops up a window asking for credit card information.

So far Facetime has seen three variations on the attack, each one exploiting a slightly different vulnerability.

“Hackers are clearly using new variations such as IM to take advantage of reputable, trusted brands such as Google,” said Facetime senior researcher Chris Boyd.  “Our research finds that this phishing scam is financially motivated by a third party using incredibly elaborate bundles that deliver a rouge Google toolbar with many of the same elements as the real Google toolbar.”

This attack is just one of the latest threats coming in over IM networks.  Security vendor IMlogic notes that in the third quarter of 2005 alone, the number of IM assaults spiked to 10 times as many as in all of 2004.

Sadly enough, these new techniques are working for phishers, as one in five online users is still oblivious to such practices.  So be weary of anything that pops up in IM prompting you for personal details.