Friday, November 07, 2008

Adwords email scam ALERT!!!!

I don't know about you, but once in a while I see an email scam come through that's pretty darned good. This one almost got me last night.

I was working along doing many things along the way with my computers, email, audio files, etc when I check my email and see one from Google talking about my Adwords account.

Now, truth be told I am an Adwords user for a number of years and even used to monitor accounts for clients (stopped doing that service offering as it's very time consuming).

The email said something about we could not complete a charge for something, please update your billing information. I looked at it checked a few things and something told me to stop and not click anything.

I was working on my Macintosh which is not as sensitive as some when it comes to email and link clicking so I decided to investigate some things. Am glad I did not click.

What I did is what EVERYONE should do when you receive an email from ANY Organization asking you to update your billing information. Go right to the site by opening a web browser and NOT by clicking a link in the email.

So, I did, went into my Google Adwords account and did some checking. No ads active, no campaigns running, so then I emailed google from inside the account, and did some checking.

A Phishing scam via email just begging me to click a link. I dug deeper using some tools at my disposal. Some hack in Japan was the perpetrator.  Now not everyone has the tools that I do to track these things, and I don't have the time or inclination to start a service to do so...unless people find that helpful and want to subscribe to such a thing...hmmmm now there's an idea that could get funded :)

Anyhow let me share with you some tips for success in dealing with things like this:

1. If you receive an email asking you to update your password, email address, billing information, BE SUSPICIOUS.

2. Do NOT click ANY LINK in the email. Not even to "test things out". If you DO, immediately close your email program and run your virus scanning/malware scanning program. If you don't have one, GET ONE NOW.

3. DO after NOT clicking any link in number 2, Go to your browser, open up the site and log in, check your account to make sure nothing is out of the ordinary. Contact the company that the account is with and let them know about the activity. They will generally provide you an email address to send the suspicious email to. Do this following their instructions.

4. **If you clicked a link in item 2, DO NOT DO item 3. Your computer is infected, Make sure to scan it and REMOVE any infections prior to logging into your account.

Yes this is scary stuff, but it's out there. If the email you get says "Dear Member" or "Dear USER" it's NOT legit. Don't trust it.

Places like EBAY, PAYPAL are large enough and secure enough that they have your full name and will ALWAYS address you by it in communcations. They will never call you member or user. Phishing people will.

If you receive one of these adwords emails, forward it to the following address at google:

Phishing@google.com

They will take things from there.

Thanks for taking time to read.

Michael Murdock, CEO
DocMurdock - Internet Business Consulting