Phishing Attack Targeting Google AdWords Accounts

Warning has been issued to Google AdWords customers to watch out for a phishing e-mail that is currently prowling on the Internet. Researchers at Trend Micro, the security firm, have identified the trick that makes AdWords users to divulge their credit card numbers, as reported by WebUser on May 2, 2008.

Google AdWords is a utility for advertisers to advertise their products online. All types of companies use this service. Phishing gangs currently exploiting this feature are sending an e-mail to AdWords customers, falsely informing them that the last payment they made did not work out, so they need to provide their recent payment particulars for their AdWords accounts.

A link in the e-mail appears legitimate and it reads as hxxp://adwords.google.com/select/login. But on closer examination, the visited Website is a hacked one hosted in countries including Brazil, Canada and Romania.

According to Trend Micro, although the link given in the fraudulent e-mail appears legitimate, the site it leads the consumers to is actually the compromised site, where confidential details are captured. A software that relates to the URL text displayed in the message likens it to the original URL responsible for the text, and warns the user that he might mistake it to link to google.com while it actually leads to somewhere else.

Trend Micro revealed that Google, in various ways, can be found as an unfortunate victim of the success it has earned for itself. While its share in the market has increased with the number of services and products it offers, its worth to the Internet criminals has also increased in the form of a platform it facilitates for exploitative activities,.

According to Trend Micro's Rik Ferguson, malware and cyber crime today is a large business, which increasingly imitates the legitimate business in the form of outsourcing, allocation of R&D budgets, and creation of malware for providing service platforms, SLAs and also EULAs, as reported by responsesource on May 2, 2008.

Besides, Ferguson said that as the share of market alongwith the base for users expands, the investment potential for cyber criminals too escalates. Meanwhile, Trend Micro has advised caution against unexpected messages about Google AdWords accounts.

» SPAMfighter News - 06-05-2008