Official Phishing Notice From Google

You or your clients may have noticed recently that there have been emails appearing in your inboxes which look like an official email from Google asking you to update your billing details. It would seem that this is a phishing exercise. It must be on quite a large scale as Google have now approached their Adwords advertisers with an official email on the subject.The content of this email can be seen below. You have been warned.

Hello,

At Google, we take the safety of our users very seriously, and we work hard to ensure that your accounts are secure. As part of those efforts, we recently compiled some tips on our blog to help protect you from "phishing," which is an attempt to fraudulently collect passwords, credit card numbers, and other sensitive information: http://googleblog.blogspot.com/2008/04/how-to-avoid-getting-hooked.html

This information is important because any online account can be targeted by phishers, including online advertising accounts.

There are currently reports of phishing attempts that appear to be from adwords-noreply@google.com. These fraudulent emails ask users to update their billing information, take action on a disapproved ad, edit their account, or accept new AdWords terms and conditions. Please remember that the Google's AdWords team will never send an unsolicited message asking for your password or other sensitive information by email or through a link.

If you need to change your account information, such as your billing details or your password, always sign in to your AdWords account from the main AdWords login page at https://adwords.google.co.uk and make the changes directly within your account.

We've included more information below on how to avoid phishing. If you have any questions, please don't hesitate to contact us at http://adwords.google.co.uk/support/bin/request.py?ctx=cuffhelp.

Sincerely,
The Google AdWords team

--

Tips on how to avoid phishing:

- Don't reply to or click on links in emails that ask for personal, financial, or account information.
- Check the message headers. The From: address and the Return-path should reference the same source.
- Instead of clicking the links in emails, go to the websites directly by typing the web address into your browser, cut and paste or use bookmarks.
- If on a secure page, look for "https" at the beginning of the URL and the padlock icon in the browser
- Keep your computer's antivirus, spyware, browser, and security patches up to date and regularly run system scans.
- Review your accounts regularly and check for unauthorised activity.
- Use a browser that has a phishing filter (Firefox, Internet Explorer, or Opera)

If you receive a phishing email, please report it to Google by completing the Report Phishing Form: http://adwords.google.com/support/bin/request.py?ctx=cuffhelp&contact_type=phishing