This morning I got an interesting email from Google warning for Adword users that they have been a number of security issues recently. Apparently users of the service have been receiving emails telling them that they are at risk to money being transferred from there account. To counter this they have to click on link which leads them to a false site (phishing) Where the site operator is able to get there account information when the user tries to log in. From the criminal perspective is clever scheme. What surprises me is that anyone who would be using Google ad words or administrating it is unlikely to be an internet novice. The problem must be widespread for Google to be emailing all of us. What does that say about their user base?
Here is an excerpt from the mail:
“There are currently reports of phishing attempts that appear to be from firstname.lastname@example.org. These fraudulent emails ask users to update their billing information, take action on a disapproved ad, edit their account, or accept new AdWords terms and conditions. Please remember that the Google’s AdWords team will never send an unsolicited message asking for your password or other sensitive information by email or through a link.
If you need to change your account information, such as your billing details or your password, always sign in to your AdWords account from the main AdWords login page at https://adwords.google.co.uk and make the changes directly within your account.
We’ve included more information below on how to avoid phishing. If you have any questions, please don’t hesitate to contact us at http://adwords.google.co.uk/support/bin/request.py?ctx=cuffhelp.”