Cybercriminals phish for Google AdWords' user names and passwords

The phishing scheme involves a bogus notification email that reads, “Google AdWords: You have a new alert” or “Google Team: You have a new alert.” The phishing email contains a “dodgy” URL, which the recipient is directed to click on, according to an M86 Security Labs blog.

If recipients clicks on the URL, they are directed to a malicious webpage that enables cybercriminals to capture their user name and password for their Google AdWords account, M86 explained in a blog.

“Once you enter your Google account credentials in the phishing page this will NOT just compromise your Google AdWords account, but all your Google services like GMail or Google+ will be affected as well. When you receive these sorts of notification emails, always double check the URL before you click on them – if it looks suspicious, it probably is”, the blog advised.

The phishing email even attracted the attention of Ohio Attorney General Mike DeWine. "We have been getting this message here at the Attorney General's Office. I've even received it myself. This shows how important it is to be on the lookout for potential scams", the attorney general said.

What’s Hot on Infosecurity Magazine?