I received the following phishing email:
From: reactivation@google.com
Subject: Please Update Your Billing Information.
Date: October 11, 2008 12:44:39 PM EDT
To: mike@blumenthals.comHello,
Our attempt to charge your credit card for your
outstanding Google AdWords account balance was declined.
Your account is still open. However, your ads have been suspended. Once
we are able to charge your card and receive payment for your account
balance, we will re-activate your ads.Please update your billing information, even if you plan to use the
same credit card. This will trigger our billing system to try charging
your card again. You do not need to contact us to reactivate your
account.To update your primary payment information, please follow these steps:
1. Log in to your account at http://adwords.google.com/select.
2. Enter your primary payment information.
3. Click ‘Update’ when you have finished.Thank you for advertising with Google AdWords. We look forward to
providing you with the most effective advertising available.——————————————————————————-
This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message. If you
have any questions, please visit the Google AdWords Help Centre
———————————————————————–(c) The Google AdWords Team
The link goes to http://www.adwords.google.com.vfikj.cn/select/Login/ where a convincing login (screenshot) and credit card request (screenshot) are presented.
Thanks for that Mike, warning some of my clients now.
BTW, the second screenshot link is a 404.
Comment by Stever (206 comments) — October 11, 2008 @ 4:41 pm
make sure you submit and notify this one. it might be new:
http://adwords.google.com/support/bin/request.py?ctx=cuffhelp&contact_type=phishing&hlrm=en_US
Comment by martijn (77 comments) — October 11, 2008 @ 4:56 pm
@Stever- thanks for noticing the 404. I had to run out the door and didn’t get the 2nd shot up. It is now
@Marti[J]n – I had sent an email to my lone google contact but your url is better. Thanks. As of 10:42 pm EDT it is still up.
Mike
Comment by Mike (2500 comments) — October 11, 2008 @ 9:33 pm
[...] Blumenthals received the same e-mail. [...]
Pingback by » Google AdWords: Don’t Click That Link! Pay Per Click Journal - Pay Per Click Advertising Blog — October 12, 2008 @ 7:22 am
Glad to see that I’m not the only one getting a bunch of these each day, it was very nearly the first phishing scheme I fell for, I even emailed by Google rep asking why my account would be having a problem before I noticed the actual destination URL was a “.cn” site.
Comment by CJ (6 comments) — October 13, 2008 @ 1:33 am
@CJ
It was very convincing wasn’t it. I too was taken in by the email and before I examined it carefully, I thought, “darn, my credit card must be expiring”.
Which was the reason that I published it. It is obviously will have sucked a fair number of people in.
Mike
Comment by Mike (2500 comments) — October 13, 2008 @ 6:27 am
Thank you Mike. It is a nearly perfect con except for the .cn domain extension. I love the ones that go to ‘undisclosed recipients’ in the plural!
Geoff D.
Comment by Geoff Dodd (2 comments) — January 29, 2009 @ 12:18 am