Google AdWords Users at Jeopardy
Security experts from security firm, Sophos confirmed about the "Google AdWords" phishing campaign launched by cyber crooks presently for targeting its innocent users.
The rogue phishing e-mail confirms recipients that their accounts in Google AdWords might have been discontinued from July 25, 2011. It further asks the recipient for checking their AdWorks account regularly to confirm uninterrupted quality services. For checking their account immediately on receiving the mail, the recipient is furnished with a link, reports nakedsecurity.sophos.com on July 26, 2011.
On clicking the link, a user is taken to a page, which resembles exactly the Google AdWords login page and is a live proof of the advanced skills of cyber thieves. However, the only pertinent difference between the actual page and the phishing site is the domain. The domain of the phishing site is google-oa.net instead of adwords.google.com, highlighted security experts at Sophos. Experts at Sophos signifies that the account for Google AdWords use the same login credentials as the other related Google accounts (Gmail, Google Docs etc).
The whole plot also demonstrates that the phishing features are targeting a wider spectrum of online banking accounts like PayPal.
It is worth mentioning that MX Lab, another security firm has also claimed of a similar phishing campaign, as indicated from a spoofed e-mail address firstname.lastname@example.org with the subject "Account has stopped running this morning".
To avoid being victim of the scam, the security experts advised Google users to implement two-step verification for safeguarding their Google account and bang on the phishing email campaign. A two-step verification would opportune the users to choose if they wish to obtain a text or a voice message automatically sent to them when their account is being accessed.
Security experts at Sophos also commented that due to phishing e-mail campaigns as in the case above, phishing activities could really soar high. However, their comment is supported by data published at the monthly report (July 2011) by Symantec. Statistics revealed that since June 2011, there is an increase of phishing e-mail activity by 0.01 percentage points; one in 319.3 emails (0.313%) contained some kind of phishing attack.
Related article: Google Rectifies Gmail flaw in Three Days
» SPAMfighter News - 06-08-2011