Account Hijacking policy update
Hi there! My name is Karen Mathias and I'm part of the Ads Quality team.
Account takeover is one of the more prevalent forms of fraud used by identity thieves. It occurs when a hijacker obtains an individual’s personal information such as an account number, password, or username and makes unauthorized changes to an AdWords Account.
To counter this, it's a good idea to regularly log into your AdWords account to check for any unexpected or unauthorized activity, such as changes to your ads or budget. Adwords has a feature than can help you manage who has access to your account by assigning unique logins and passwords to each user. All you need to do is send an invitation via email, and users will be prompted to choose a unique password. It’s a good idea to only grant the lowest level of permissions that each user needs, and don’t forget to change the default invitation password regularly. It’s also important to regularly update the user permissions to make sure inactive users or employees who are no longer with the company don’t have access to your AdWords account.
These precautions take a little extra work, but they are worth the effort. Setting up individual permissions will help you:
1) Keep track of who has access to your account
2) Better manage your account
3) Limit the number of people making changes to your account and prevent unwanted changes
4) Find the source of a security leak or account change by identifying the user associated with the login
To get started, click the gear icon on your AdWords account, choose "Account settings," and click “Access.”
Google won’t mediate or adjudicate disputes between known third parties, and unwanted changes made by former employees, spouses, or other family members are not considered hijacking. In case of a third party dispute, contact the Admin for the account. If you believe the Admin in question is unlawfully restricting access to your account, we recommend you contact law enforcement.
Please post questions below.