Tuesday, November 24th, 2009

Adwords Phishing

Webmasters and site owners, beware!

Lately I’ve been getting spam emails posing as correspondence from Google Adwords. They go like this:

We detected irregular activity on your Google AdWords Account.

Please use the link below to verify your account immediately:

But the actual link leads to the phisher’s domain instead of Google. Of course when you enter your account details on the page they offer you, you just hand your Adwords account data (credit card info, all your campaigns data, your personal data, and so on) to the phisher.

There is one more way to see that this email comes from somebody other than who they claim to be – if you look at the full headers of the message you will see this:

from copland.udel.edu ([]:41061) by host02.localhostserver.net with esmtp (Exim 4.69) (envelope-from )

– which means they are probably using some proxy running on a university server.
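The two checks described above (where the link really points, and which host handed the message over) can be automated. The following is an added example, not part of the original post; the sample message, the `.example` host names and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; every host under .example is a placeholder.
SAMPLE = """\
Received: from relay.campus.example ([192.0.2.10]:41061)
\tby mx.hosting.example with esmtp (Exim 4.69)
From: "Google AdWords" <adwords-noreply@google.com>
Content-Type: text/html; charset="us-ascii"

<p>We detected irregular activity on your Google AdWords Account.</p>
<p><a href="http://adwords.google.com.login.example/select/Login">https://adwords.google.com/select/Login</a></p>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a href=...> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def under(host, domain):
    """True only if host is the domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw, claimed="google.com"):
    msg = message_from_string(raw)
    # Check 1: hosts named in "Received: from ..." that are not the claimed sender.
    relays = [m.group(1).lower() for h in msg.get_all("Received", [])
              if (m := re.match(r"\s*from\s+(\S+)", h))]
    # Check 2: links whose real target is outside the claimed domain.
    parser = LinkCollector()
    parser.feed(msg.get_payload())
    bad_links = [(href, text) for href, text in parser.links
                 if not under(urlsplit(href).hostname, claimed)]
    return {"foreign_relays": [r for r in relays if not under(r, claimed)],
            "mismatched_links": bad_links}
```

A foreign relay is a signal rather than a verdict, since legitimate mail can pass through forwarding hosts and only the `Received` lines added by your own mail server are trustworthy. The link check compares the parsed hostname, so a name that merely contains `google.com` does not pass.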

How to deal with such emails? First of all, of course, verify that you are on the actual Adwords login page and not somewhere else before entering your login and password. Secondly, I would surely love to see Google’s reaction to these phishing emails. Google has put a lot of effort into getting newbie webmasters involved in AdWords; now I guess it’s their turn to educate people who may not be very savvy about the dangers of phishing.

