Beware of AdWords Phishing Attempt via Google AdWords

Google AdWords

You’ve probably heard of Google AdWords by now and it also consists of a category of responsive ads It is an online advertising service developed by Google, where advertisers pay to display brief advertisements, service offerings, product listings, and video content within the Google ad network to web users. AdWords has quickly evolved into Google’s main source of revenue, contributing to Google’s total advertising revenues of USD $95.4 billion in 2017. AdWords offers services using a pay-per-click pricing model and advertisers require an active Google account to be able to utilize Google AdWords. There have been many recent online reports and backlash towards Google as the news was spread regarding cyber thieves which were sending out bogus phishing emails to Google AdWords user’s emails in an effort to dupe them into surrendering their valuable Google user name and password. These credentials can be used not only to access your AdWords account but all other Google Services you happen to use such as Google Docs, Calendar, Gmail and Google+. This was an extremely controversial issue as many users of Google Adwords had stored vital documents and other information in their Google accounts and hundreds of accounts were being compromised.

The method that these cyber thieves were able to compromise Google AdWords users is through something known as ‘phishing’. Phishing is the fraudulent practice of sending emails purporting to be from reputable companies (such as Google) in order to induce individuals to reveal personal information such as their passwords and credit card numbers and how you can aware of fraudulent practice. In this particular situation, emails were being sent to Google AdWords users claiming to be official Google staff members which requested advertisers to renew their account details and to submit their old account details in a link that was provided in the email. These links would usually redirect the user to a website that looked very similar to the Google AdWords page and once you entered your details it would immediately be accessible to the person seeking to access your account.

We highly recommend that if you are a Google AdWords used to be on the lookout for suspicious emails or phishing attempts directed towards your AdWords account. Many of the emails are reported to be very easily differentiable from emails directly from Google Staff. An example email was provided by a Google AdWords user that was sent to them in an attempt to scam them of their Google AdWords details. It reads:

Google AdWords

Your Google campaigns may have stopped running today (Monday, July 25, 2018)

Dear AdWords Advertiser,

For quality services and running your ads without any problems (Inactive account meaning Pausing your Ads) check your AdWords account regularly.

As you can see, the email is very vague and does not go into detail as to what exactly is the issue regarding your email. Upon clicking the link, you get directed to the aforementioned website which is similar in appearance to the official Google link. For safety purposes, we highly recommend that you revert back inquiring as to the legitimacy of this email or we recommend that you take a screenshot of the email and forward it to Google staff which will help you to resolve this issue and hopefully avoid any further occurrences of this problem in the future.

However, phishing attempts via email were not the only method that was used to acquire the details of Google AdWords users. There has been an ongoing and well-known issue regarding Google’s advertising services which report that Google is allowing malicious advertisements on its platform. Many AdWords users have reported seeing these malicious advertisements and when they search for ‘Google AdWords’ using the Google search engine, they are met with malicious advertisements that disguise themselves to trick the user into thinking that the advertisement will redirect them to the official Google AdWords website but in reality, users have reported that the link directs them towards non-Google websites that resembles the Google account login page to trick the user into entering their details.

Google themselves have gone on record multiple times to inform their userbase to be more vigilante and actively report suspicious activity in their emails and to report websites that look similar or imitate the Google trademark and website appearance. They have published multiple support posts details what phishing is and how they can avoid phishing attacks. They have also gone on record to explicitly state that Gmail and Google staff will never ask you for personal information such as your password or user name over email. It was also reported by many news websites that Google had added new security features to Gmail in 2017 in order to directly protect and prevent phishing attempts on their userbase. They have now implemented a machine learning model to prevent spam emails and suspicious email activity such as email accounts that look suspiciously similar to the email accounts of their staff members or their own professional emails. They have also implemented a warning feature before a user replies to a spam email to indicate the potential threats and to inform the user to not send any private or personal information.

Despite the anonymity that one gets from being on the internet, situations like this show that you can never be too safe. Even a company like Google, which is trusted by millions of users and get hundreds of thousands of new users every month, face security issues like these and potentially leads to exposing and endangering millions of people. This is why it is always important to be cautious before trusting any company or any person with your personal details because you never know what they might be able to do with it, especially on the internet where the person you are talking with could be hundreds of miles away from you and essentially untraceable. Always ensure that whoever you talk with or whatever you do on the internet won’t negatively affect you or risk exposing your personal information. All it takes is one misstep to lead you down a spiral of infinite problems.

 

 

 

 

 

 

 

Leave a Reply

Your email address will not be published.

You may use these <abbr title="HyperText Markup Language">HTML</abbr> tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*