March 27, 2008

Google Adwords targeted in phishing attacks


by Brian Turner

If you're new here, you may want to subscribe to my RSS feed. Thank you for visiting!

Google

Google Adwords customers are being warned to watch out for fake emails claiming to be from Google Adwords, which attempt to steal login details.

Google Adwords has become the latest service to be targeted by phishers, using spoof emails to steal user login data.

Normally targeted at banks and online financial providers, the aim is to capture user login details by using a link to a fake website, which then records the login details and allows criminals to clean out the user’s bank account.

However, it looks like phishing attempts are increasingly being targeted at service provisions where bank account details may be less directly accessed.

A number have banks have already begun implementing new security systems that require a login username and password - as well as a string of numbers provided on a pad that randomly change every minute.

The question is how it will be before services such as Google Adwords will have to consider implementing such additional security measures, to ensure advertiser accounts - and their banking details are protected.

ADDED: A new wave were sent out today:

Account Reactivation

This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message.
——————————————————————————–

Dear Google AdWords Customer,

Please sign in to your account at http://adwords.google.com/select/login , and update your billing information.
Your account will be reactivated as soon as you update your payment information.
Your ads will show immediately if you decide to pay for clicks via credit
or debit card. If you decide to pay by direct debit, we may need to receive
your signed debit authorization before your ads start running,
depending on your location.
If you choose bank transfer, your ads will show as soon as we receive your
first payment.

We look forward to providing you with the most effective advertising available.

Sincerely,

———————————————————————————-

The Google AdWords Team

The link in the Adwords login URL is actually to http://adwords.google.fkjre03ke.cn/select/Login

UPDATE 2: 28th March 2008: - A new deluge of Adwords phishing attempts has been sent over the past 24 hours, all of which is using 5 alphanumerical character .cn domains as the phishing source. Looks like a possible automated attempt, which means expect to see this become a constant feature of your inbox for some time.

Discuss this in the Internet Business forums

Story link: Google Adwords targeted in phishing attacks

Add to Bookmarks:

ADD TO DEL.ICIO.US     ADD TO DIGG     ADD TO FURL
ADD TO STUMBLEUPON     ADD TO YAHOO MYWEB     ADD TO GOOGLE     ADD TO SPURL

Related stories:

 

One Response to “Google Adwords targeted in phishing attacks”

  1. New York Data Recovery on August 15th, 2008 2:41 pm

    I’ve gotten these so many times. The worst is my friends dad getting one of these from ‘Chase’ they cleaned him before the morning. BE WARNED this is real.

Leave a Reply




 

Previous: « Email spammers use blogspot against filters
Next: Recession risk warning for business »

Visited 3933 times, 14 so far today