Data released today from TrendLabs, Trend Micro’s global threat research and support organisation, reveals a new phishing attack targeted at Google AdWords users intended to steal sensitive information.
In an attempt to capture banking information, users receive an e-mail notification informing them that their last payment has not been successful and asking them to update their payment information for Google AdWords. The link displayed in the email body is the legitimate one (hxxp://adwords.google.com/select/login), however on closer inspection, the actual website accessed, is a compromised site hosted across a number of different countries including Romania, Brasil and Canada.
Google’s rising popularity has led to hackers intensifying their attacks on the company’s websites, following recent attacks on Google Calendaring system.
Rik Ferguson at Trend Micro says: “In many ways Google can be seen as a victim of its own success, as their market share has increased along with the variety of products and services they offer, so their value to the cybercriminal as a platform to exploit has grown alongside it. Given the fact that today’s cybercrime motivation has shifted from a misplaced sense of “l33t h4x0r” pride to a sole focus on the business of generating cash; the threat to any successful platform is clear.”
He continues to point out that: “Cybercrime and Malware in today’s world is big business, and one that increasingly closely resembles the world of legitimate business, right down to outsourcing, R&D budgets, Malware as a Service platforms, SLAs and even EULAs. In this world of business it would definitely be fair to say that as the market share expands and the user base grows, so does the perceived “investment potential” to the cybercriminal. Its all about Return on Investment.”
Trend Micro encourages all business and end users to demonstrate extra caution when receiving unexpected communication about Google AdWords accounts.
For more information, please visit: http://blog.trendmicro.com/google-adwords-phishing/
