Phishers target Google AdWords users

Security experts at Trend Micro have warned of a Google AdWords phishing attack designed to steal sensitive information.

Victims of the scam receive an email notification informing them that their last AdWords payment has not been successful and asking them to update their payment information.

The link displayed in the email body appears to be legitimate, but is actually a compromised site hosted in a number of different countries including Romania, Brazil and Canada.

Trend Micro believes that Google's huge popularity has led hackers to intensify attacks on the company's websites, following successful attacks on Google Calendar.

Rik Ferguson, solutions architect at Trend Micro, said: "In many ways Google can be seen as a victim of its own success.

"As its market share has increased along with the variety of products and services it offers, so its value to the cyber-criminal as a platform to exploit has grown.

"Today's cyber-crime motivation has shifted from a misplaced sense of 'l33t h4x0r' pride to a sole focus on the business of generating cash, so the threat to any successful platform is clear."

Ferguson added that cyber-crime and malware increasingly resemble the world of legitimate business, right down to outsourcing, R&D budgets, malware-as-a-service, service level agreements and even end-user license agreements.

"As the market share expands and the user base grows, so does the perceived 'investment potential' to the cyber-criminal. It is all about return on investment," he said.

See also:

Storm botnet blows itself out

But overall malware volumes still rising fast  01 May 2008

Third of UK surfers banking online

Brits seem unfazed by security concerns  29 Apr 2008

Infosec: Surfers wary of using credit cards online

Confidence plummets as attacks soar  24 Apr 2008

Infosec: Rock Phish threat deepens

Hugely successful malware gets a new twist  23 Apr 2008

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!