Watch Out for Google Adwords Phishing Scam

adwords1If you had received an email from the Google Adwords, watch out for the link that it redirects you to because the phishing scam had just started to spread. But before that, a quick introduction here to Google Adwords where it is a program for advertisers to create their advertisement to be published by Google and its Google Adsense publisher. In the coming few days, the Adwords phishing scam will be spread widely after the first few hits were detected. Read further on if you are part of the Google Adwords advertiser and does not want to fall into this phishing scam.

Google Adwords Phishing Scam – How it works?

Google-Adword-Phishing-Attack

You will first receive a piece of email telling you that your campaigns had stopped running and needed to login into your Adwords account in order to resume back. It provides a link for you to click and once you click on that link, you will be redirected to a phishing site which looks exactly like the actual Google Adwords.

google-phish-site

Image from nakedsecurity.sophos.com

Cool isn’t it? Notice that the URL is slightly different from the actual Google URL and the only it confused most of the user is that it included the word ‘google’ into the URL. If you read about my post on how to detect and combat phishing attack, you will know that the basic trick of the attacker is usually to make the phishing URL as similar as possible to the actual one. If you are quite a careless person, then you should think about purchasing an antivirus which has phishing detector.

WHOIS the Phishing Scammer

Back to the URL, you can check on the person who register for this domain. This can be done by going to the WHOIS look-up site and you will find the information as below:

google-phish-whois1The information is nothing close to the actual Google Adwords. This phishing scam is still fresh on the internet and you should stay alert when there is any email from Google Adwords. It is advisable for everyone to use the two-step verification for your login. You can refer to this post on how to setup a two-step verification for you Google account. By having the two-step verification, even the scammer has your username and password, he will still not be able to login until the verification code is provided to him. Stay close to IT Security Column to get the latest updates on not only phishing scam’s news, but also other IT security related news.

Related Posts:

Sign-up To My Newsletter And Get A Free eBook

  • Build your own security now in 10 simple steps

  • Comes together with 15 tips on how to stay online safely

  • You will also receive tips on how to stay secure on the latest deadly threats
Filed Under: News Tagged With: ,
About Alan Tay

I am a Software Engineer who works for a Security Firm in Malaysia. Spend most of my time gathering information about security so that I can blog about them here. Owner and founder of IT Security Column.

Speak Your Mind

*

CommentLuv badge