Google AdWords base of new phishing scam
By Ashley Curtis
26/07/2011
Cyber-criminals have started to target Google AdWords in a bid to gain access to sensitive information, reports The Register.
The crooks attempt to make the AdWords user enter their username and password after a phony error message appears, falsely claiming that a recipient or a client's campaign has been shut down.
The only way to reactivate the campaign is to 'login' to their AdWords account.
The situation is even worse given that the account details for Google AdWords are generally the same across the board for Google accounts such as Gmail, Google Docs and Google+.
It is hoped that by bringing this situation to light, businesses will double-check their automated IT software to ensure it blocks all potentially harmful websites, such as the fake Google AdWords site.
The Google AdWords scam is just one of a number of 'alternative' scams flying around the internet. Hackers are drifting from "old favourites" like PayPal and eBay towards more obscure targets. Fraudsters in Brazil have begun targeting air miles accounts, trading "stolen vouchers as a form of currency in exchange for renting access to botnets via underground markets", according to The Register.
Lucian Constantin, a security expert writing for Softpedia, explains the danger of the airmiles scam: "Unlike online banking accounts, those associated with airline websites are easy to take over. All that attackers need is the victim's customer registration number and password."
