Google Adwords Phishing Email

Hi,

A few weeks ago I received a phishing email (I get a lot of those) but for the first time the phishing concept was themed with Google Adwords.

This post covers:

1. About the Google Adwords Phishing Scam

2. The Marketing Effect on Google Adwords

Enjoy..

Ophir

1. About the Google Adwords Phishing Scam

So I received an email Friday morning and this is how it looks:

Google Adwords Phishing
(Click the image to Enlarge)

This emails calls to “renew” my account, of course, once I’d click I’d get to a place where they would ask for my ersonal information, then some billing detais=ls “to be sure this is really me” and the next thing you know you have bank account in coutries you never visited and you’ve been ordering a lot of goods from catalogs :-)
Jokes aside, this is very dabgerous and it is highly recommended to treat such email very carefuly.

A few days after that, I received this email from Google to all my adwords accounts with the warnings as follows:

Hello,

At Google, we take the safety of our users very seriously, and we work hard to ensure that your accounts are secure. As part of those efforts, we recently compiled some tips on our blog to help protect you from “phishing,” which is an attempt to fraudulently collect passwords, credit card numbers, and other sensitive information: http://googleblog.blogspot.com/2008/04/how-to-avoid-getting-hooked.html

This information is important because any online account can be targeted by phishers, including online advertising accounts.

There are reports of phishing attempts that falsely appear to be from adwords-noreply@google.com. These fraudulent emails ask users to update their billing information, take action on a disapproved ad, edit their account, or accept new AdWords terms and conditions. Please remember that Google’s AdWords team will never send an unsolicited message asking for your password or other sensitive information by email or through a link.

If you need to change your account information, such as your billing details or your password, always sign in to your AdWords account from the main AdWords login page at https://adwords.google.com and make the changes directly within your account.

We’ve included more information below on how to avoid phishing. If you have any questions, please don’t hesitate to contact us at adwords-support@google.com.

Sincerely,
The Google AdWords Team

–Tips on how to avoid phishing:
- Don’t reply to or click on links in emails that ask for personal, financial, or account information.
- Check the message headers. The From: address and the Return-path should reference the same source.
- Instead of clicking the links in emails, go to the websites directly by typing the web address into your browser, cut and paste or use bookmarks.
- If on a secure page, look for “https” at the begging of the URL and the padlock icon in the browser.
- Keep your computer’s antivirus, spyware, browser, and security patches up to date and regularly run system scans.
- Review your accounts regularly and check for unauthorized activity.
- Use a browser that has a phishing filter (Firefox, Internet Explorer, or Opera).

If you receive a phishing email, please report it to Google by completing the Report Phishing Form: http://adwords.google.com/support/bin/request.py?ctx=cuffhelp&contact_type=phishing

2. The Marketing Effect on Google Adwords

Well, apart from the security thing, Google Adwords has officialy become a comodity of the thieves. Until recently most “offers” would vary from “I’m a Nigerian with 75,000,000 USd to giv you” to “you won the lottery” and then “City bank welcomes you back – please verify your account”, then paypal, eBay and others.

Google Adwords was (still is actually) a place of BUSINESS, it’s not supposed to be something that every one would have. Well folkes, according to these thieves, it is. According to them, there are so many Google Adwords accounts out there, it’s worth their while to try and steal some of the owners’ records.

This is a frightening moment in the security aspect for Google’s people, but in another aspect, this is a breakthrough in the way the Google brand and its flagship product – Adwords, is being used.

3 Responses so far.

  1. [...] Go to the author’s original blog: Google Adwords Phishing Email [...]

  2. anonymous email says:

    Scammers not even have respect from Google. I received a thousands of PayPal, CityBank phishing emails already but now Google.

    Yahoo and also http://www.anonymousspeech.com are using ANTI PISHING PICS which is used identify a phishing site immediately.

Leave a Reply


*