Subscribe by EmailGoogle Adwords Phishing Scams
November 5, 2008 by PatB | 4 commentsBy PatB
Contributing Writer, [GAS]
I got a very interesting piece of spam in my inbox this morning, and it took me a few moments to realize it was a phishing attack designed to make me disclose my Google Adwords password.
Here is a screenshot of it.
Hovering over the link, you can see that they use a machine name of “adwords.google.com,” however, it continues as a session name, followed by random numbers, and finally, a domain name located on a Russian host. This attack is designed to trick website operators and blog owners into disclosing their Google account password. So far I have only seen Adwords used as a phishing attack. I suspect that it would work just as well with Adsense and other Google subscription and pay services as well.
Many users of Google services use the same password for all of their services- for Gmail, Google Analytics, Webmaster Tools, Adsense and even Google Write. Allowing this password to be disclosed would likely allow the attacker to take over not only the the Gmail account itself, but also to access all the services and websites where the Gmail address was used to register.
Securiteam has a blog post here about a man who had many businesses and forwarded all of his emails to his Gmail account for ease of access, easy searching, and convenience. When his Google account was locked, undoubtedly because he was Phished, he literally lost the keys to his business and was unable to interact with his customers. It took days to regain his access.
Bottom line is, don’t fall for these phishing attacks. Make sure you have a backup email notification built into your Google account(s), and for God’s sake, don’t use the same password for everything. The same goes double for Yahoo accounts.
- Using Google Talk to update your social networks
- Gmail introduces secure net connection
- Using GTalk and Twitter to update your Google Calendar
- Brush up on your anti-phishing skills
Tricky, tricky. That dot after the “.com” instead of a question mark makes all the difference. So the real domain is “sys80.u” — those sly Russian phishers.
IMO your email client should have detected a possible phishing attempt.
I’ve gotten a lot of these, Adwords, Adsense, Pay Pal, eBay, you name it.
Why do you say the same goes double for Yahoo? Is Yahoo easier to phish?
This is old and google was warned several times. Goes to show you who is looking out….
http://www.0×000000.com/?i=320
Webapps + the human element = disaster
Generally these phisher scammers are artists and they will try to trick everyone. Poor man I bet he will never foward his emails again to any free email provider. I use Gmail as my main email provider but personal stuffs I keeping in my local email client.