Recently, there have been reports that AdWords users have received fraudulent emails that appear to be from Google – but they are not. These fraudulent emails (otherwise known as “phishing emails”) ask users to update their billing information, edit their account information, review a disapproved ad, or accept new AdWords terms and conditions. Please be mindful of these fake emails, and as my Google Adwords representative has said, “Please remember that Google’s AdWords team will never send an unsolicited message asking for your password or other sensitive information by email or through a link.”
You can identify the fraudulent emails because they will come from this address: firstname.lastname@example.org. Edit: Thanks to one of our fantastic readers, they pointed out that your daily reports come from this email. So, the emails even come from an apparent “valid” address, but don’t be tricked; Google will never send you an email to ask for information.
Also, my Google respentative provided a helpful list of tips for avoiding phishing scams in general, and I thought I’d share them with you:
Tips on how to avoid phishing:
- Don’t reply to or click on links in emails that ask for personal, financial, or account information.
- Check the message headers. The From: address and the Return-path should reference the same source.
- Instead of clicking the links in emails, go to the websites directly by typing the web address into your browser, cut and paste or use bookmarks.
- If on a secure page, look for “https” at the beginning of the URL and the padlock icon in the browser.
- Keep your computer’s antivirus, spyware, browser, and security patches up to date and regularly run system scans.
- Review your accounts regularly and check for unauthorized activity.
- Use a browser that has a phishing filter (Firefox, Internet Explorer, or Opera).
For further reading on these phishing emails, you can check out this helpful post over at Google’s blog.