AdWords
5.2K members online now
5.2K members online now
Understand Google's advertising policies, including ad approval status and account suspension
Guide Me
star_border
Reply

Another Phishing Ad for AdWords account logins - 4th case

Collaborator ✭ ✭ ✭
# 1
Collaborator ✭ ✭ ✭

Hello,

 

Similar to the case I have exposed on 18 june 2015, today I am seeing another AdWords Ad which has a legitimate Display URL from a Google domain  accounts.google.com , and could easily fool users to give their adwords login details. 

 

The detail which exposes the scam is the destination URL which is http://evac53.ru/tmp/adw/ after clicking the AdWords Ad .

 

I have tested with the ad preview on which language setting appears this ad and it is English language, not Romanian language.

 

Here is the Ad screenshot , found on the search term "adwords forum" typed from location Bucharest, Romania and the click string ID . I find it interesting that the URL from the click string is another domain "adurl=http://fenix-perm.ru/infos.php "

 

http://www.google.ro/aclk?sa=L&ai=CO-1czTaNVcCpEqPn7QbNzYfICsWXgbMGpfiV_5MC5OWwBQgAEAFgg6XhhegbyAEBq...

 

adwords-login-phishing-ad-no4.png

 

Here is the landing page URL which imitates the login :

 

landing-page-phishing-ad-no4.png

 

 

Please escalate this to whoever can stop it.

1 Expert replyverified_user

Re: Another Phishing Ad for AdWords account logins - 4th case

Top Contributor
# 2
Top Contributor
Ohhh... Those guys are restless....
Forwarded to the scam fight team at Google.
Thank you!
Moshe, AdWords Top Contributor , Twitter | Linkedin | Community Profile | Ad-Globe
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’

Re: Another Phishing Ad for AdWords account logins - 4th case

Collaborator ✭ ✭ ✭
# 3
Collaborator ✭ ✭ ✭

Thank you, I find it amazing that they can use as display URL a valid google domain which can easily fool the majority of users who do not pay attention to the final URL. There must be a bug in the system.

Re: Another Phishing Ad for AdWords account logins - 4th case

Collaborator ✭ ✭ ✭
# 4
Collaborator ✭ ✭ ✭

I see a connection with all the previous cases being active ads during Thursday, Friday or Saturday.

 

Google has a security weakness because they shut down their direct communication lines with the users over the weekend (chat, phone ) and nobody can make an urgent complaint about such phishing Ads which have the potential to gather hundreds of clicks globally in 3 days if not caught rapidly.

 

Is there a way to ask for a special emergency complaint form or chat line just for such ads and by this to eliminate this communication weakness ?

Re: Another Phishing Ad for AdWords account logins - 4th case

[ Edited ]
Top Contributor
# 5
Top Contributor

Hi @Adrian B;

This was forwarded to Google through a dedicated communication channel open 24/7.

But, yet, once escalated,  we have no control over Google's internal processes or Google's time frame. (And if broken I am certainly not in a position to fix  them...)

 

Do you still see the ad?

 

 

[Edited]; assuming that the ad is still shown, I escalated the case again and stressed the urgency.

Moshe, AdWords Top Contributor , Twitter | Linkedin | Community Profile | Ad-Globe
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’

Re: Another Phishing Ad for AdWords account logins - 4th case

Collaborator ✭ ✭ ✭
# 6
Collaborator ✭ ✭ ✭

No I do not see the ad now, I was just saying as a general observation , an improvement request. 

 

I thought : what If someone else in another country sees such ads during the weekend or friday night , observes that the Ads are a security threat to the users from an entire country yet the good user has no way to contact google as an emergency even if they want to.

 

It would be very good for Google to initiate a special security chat line just for security threatening Ads , open 24/7 for complaints like this one. 

Even if Google would receive only 1 complaint per month globally on such an emergency line, it would help to quickly secure maybe hundreds of accounts who risk their login data.

 

Even adding a new option for these phishing cases in the Ad complaint form would be a step forward. I do not see a "feedback button" on the page of that form, so I cannot send this proposal directly to google editors.

Re: Another Phishing Ad for AdWords account logins - 4th case

Top Contributor
# 7
Top Contributor

@Adrian B;

A  link to this thread and your post was included in the case forwarded to Google.  If Google decides to comment publicly, they will reply here.

Moshe, AdWords Top Contributor , Twitter | Linkedin | Community Profile | Ad-Globe
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’
Marked as Best Answer.
Solution
Accepted by topic author Adrian B
September 2015

Re: Another Phishing Ad for AdWords account logins - 4th case

Top Contributor
# 8
Top Contributor

@Adrian B;

Google reported back that the issue was resolved, and the scammer was removed.

They are investigating the "crack"  / breach which allowed the scam.

Moshe, AdWords Top Contributor , Twitter | Linkedin | Community Profile | Ad-Globe
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’