If you are an AdWords advertiser, you should be aware of the current various methods being used to scam advertisers out of personal information, such as credit card numbers. According to Google, the following three methods are being used by scam artists to access client AdWords accounts:
1. Phishing
2. Malware
3. Unauthorized Access
Phishing
Phishing is an attempt to fraudulently acquire sensitive information, such as usernames, passwords, or credit card details, by masquerading as a trustworthy entity. For example, there are reports of phishing emails that falsely appear to be from adwords-noreply @ google.com. These fraudulent emails ask users to update their billing information, take action on a disapproved ad, edit their account, or accept new AdWords terms and conditions. In some cases, the links may lead to websites that install malware onto your computer.
Please remember that Google’s AdWords team will never send an unsolicited message asking for your password or other sensitive information by email or through a link. If you’ve received a phishing email that attempts to fraudulently collect passwords, credit card numbers, or other sensitive information, please report it to Google immediately by completing the Report Phishing Form
Tips to protect yourself from phishing:
1. Don’t reply to, or click links within, emails that ask for personal, financial, or account information.
2. Check the message headers. The ‘From:’ address and the ‘Return-path’
should reference the same source.
3. Instead of clicking the links in emails, go to the websites directly by typing the web address into your browser, cut and paste, or use bookmarks.
4. If on a secure page, look for “https” at the beginning of the URL and the padlock icon in the browser.
5. Use a browser that has a phishing filter (Firefox, Internet Explorer, or Opera).
6. Use strong passwords. A strong password should be unique; include letters, numbers, and symbols; and be changed regularly.
7. If you ever need to change your account information, such as your billing details or your password, you should always sign in to your account from the main AdWords login page (https://adwords.google.com) and make the changes directly within your account.
For more information on phishing, please visit see this section at Google AdWords Help
Malware
Malware is malicious software that attempts to steal sensitive information from your computer, send spam, or commit fraud. To protect your computer from malware, keep your computer’s antivirus, spyware, browser, and security patches up to date and regularly run system scans. If you need more information about software that can help detect and remove malware from your computer, visit Google AdWords Help section on strange behavior and malicious software.
Unauthorized Access
Someone may have gained access to your computer and made changes to your account when your computer was left unattended. For more information, visit OnGuardOnline.gov, which provides practical tips from the United States federal government and the technology industry to help you be on guard, secure your computer, and protect your personal information against internet fraud.
September 24, 2008
