Google has reported phishing attempts that falsely appear to be from firstname.lastname@example.org that ask users to update their billing information, take action on a disapproved ad, edit their account, or accept new AdWords terms and conditions.
Here are some tips (edited in some cases] from Google to help keep your AdWords account safe. This information is important because any online account can be targeted by phishers, including online advertising accounts.
- Google’s AdWords team will never send an unsolicited message asking for your password or other sensitive information by email or through a link.
- Don’t reply to or click on links in emails that ask for personal, financial, or account information. Always sign in to your AdWords account from the main AdWords login page at https://adwords.google.com and make any changes, such as your billing details or your password, directly within your account rather than clicking on links in suspicious emails.
- If you receive a phishing email, please report it to Google by completing the Report Phishing Form: http://adwords.google.com/support/bin/request.py?ctx=cuffhelp&contact_type=phishing
Here are some other tips from Google to avoid phishing:
- Check the message headers. The From: address and the Return-path should reference the same source
- If on a secure page, look for “https” at the begining of the URL and the padlock icon in the browser.
- Keep your computer’s antivirus, spyware, browser, and security patches up to date and regularly run system scans.
- Review your accounts regularly and check for unauthorized activity.
Google has compiled some more tips on their blog to help protect you from phishing: http://googleblog.blogspot.com/2008/04/how-to-avoid-getting-hooked.html