Another Google Adwords Phishing Attack In Progress
Google Adwords account holders are being targeted by criminals who trick them into handing over credit card information using a URL spoof has gained popularity in recent weeks.
The scam follows a traditional attack route involving the sending of spam emails to random Internet addresses in the hope of finding users who have purchased Adwords. The email claims that the user’s account payment has failed and asks them to “update payment information”, again a transparent tactic by today’s standards.
Proper looking http://adwords.google.com/select/login link embedded into email, a correct Google login address. However, it actually leads to http://www.adwords.google.com.********.cn/select/Login, an obfuscated address that directs to a site associated with IPs in Germany, Romania, and the Czech Republic.
The site is a good copy of the real Google Adword site, and appears to let users login using their real account details. Obviously, any account details will work. Entering payment details results in that information being posted using an SSL link to a remote server after which the account will be hijacked.
The attack has been publicized by security software company Trend Micro, but the disarmingly simple scam is widespread enough to have been received by ordinary users in recent days. The latest phishing attack bears a strong resemblance to a near-identical campaign launched a few weeks back by Chinese criminals.
As common as “account update” attacks have become, the spoofed URL is still the key to reeling in victims. Criminals seem to have realized that users are paying more attention to such details.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.