Internet marketing resources, ecommerce web site design tutorials and  just for fun - free cell phone ringtones!
  Taming the Beast - quality web marketing and ecommerce development services

Beware Adwords Phishing Scams

Posted by Michael Bloch in online world (Monday April 14, 2008 )

Phishers, those who attempt to defraud others by posing as a provider or supplier in order to gain credit card details or access to services, have started leveraging the popularity of Google Adwords for their nefarious activities.

I started getting seemingly authentic notes a couple of weeks ago stating that I needed to update my billing details or my Adwords account would be suspended. I didn’t take much notice of them as it was in connection with an old account. Today I received a note that my Adwords account had been suspended.

…..actually, they didn’t use that terminology and that’s what initially raised my suspicion. While the subject lines of the previous emails seemed ok, the subject line of this note was “Your AdWords Google Account is stoped”. Ah, for all their cleverness, many phishers and other forms of lowlife scammers just can’t spell :)

Here’s the text of the note:

adwords-phishing.gif

The note looks like plain text, but is actually HTML (ignore the background color, it’s a custom color scheme I run that’s easier on my bloodshot eyes). The real URL you wind up at is along the lines of www.adwords.google.com.XXXX.cn/select/Login – note the xxxx.cn extension.

So what are phishers wanting with Adwords account details? My guess is aside from credit card numbers, they may also access accounts and litter the search engine results pages with ads for the usual spammy stuff we see via email. They can bid top dollar on terms in very competitive markets on the account holder’s dime – for a short time.

Phishers cast their nets far and wide and pose as all sorts of services – it just doesn’t pay to access any accounts you have via a link in an email. Always go directly to the real site and log in from there. If you do risk it, ensure the TLD (top level domain) name is that of the service provider and not like the example above. Another way to determine legitimacy is to study the email header



 

 
1 comment for Beware Adwords Phishing Scams
  1. If I had a dollar for everytime my customers and I recieved an adwords phishing scam, we’d be pretty darn well off.

    Theyre sending them out like no tomorrow and a lot of my clients are getting them. Some have even fallen for it. Terrible.

    Comment by Robert Kingston — June 13, 2008 @ 10:14 pm

Sorry, the comment form is closed at this time.