| 5:01 pm on Mar 21, 2008 (gmt 0)|
Got two emails today - first time. Pointing to .cn site.
| 5:42 pm on Mar 21, 2008 (gmt 0)|
In this case - or any other similar case - if you see what you suspect to be phishing email intended to look as if it came from Google AdWords, I hope you will take a few minutes to send all the pertinent details to the AdWords support team.
Thanks in advance!
| 6:06 pm on Mar 21, 2008 (gmt 0)|
AdWordsAdvisor I am not an active adwords user, can you sticky me the email address and I will forward it on
| 11:35 pm on Mar 21, 2008 (gmt 0)|
|AdWordsAdvisor I am not an active adwords user, can you sticky me the email address and I will forward it on |
Excellent - thank you, wheelie34.
If you do not have an AdWords account, please use the link below (which may also found at the bottom of each page in the AdWords Help Center in case you ever need it again) and select the 'other' radio button.
| 12:55 pm on Mar 23, 2008 (gmt 0)|
I received one of these and forwarded it to firstname.lastname@example.org
| 3:32 pm on Mar 24, 2008 (gmt 0)|
I got the same e-mail last night. Of course, I didn't click on the link, but did go directly to Adwords to see if it was right out of curiosity and it was still right. So, I just deleted it and said to myself...yet another paypal type of phishing attempt. Sigh.
| 1:27 pm on Mar 26, 2008 (gmt 0)|
I just got ANOTHER one last night. Sheesh, and they can't even spell right in the subject line, LOL. Other than that is looks EXACTLY like a Google mail. But, rollover the link and sure enough it goes to some .cn domain. Be careful, people!
| 6:28 pm on Mar 26, 2008 (gmt 0)|
Yes nasty. I got one on a yahoo mail
| 6:54 pm on Mar 26, 2008 (gmt 0)|
I got one of these the other day. It was obviously a phishing attempt, so I ignored it and forgot about it until just now.
I did wonder, though: where did they get the email addresses?
| 7:29 pm on Mar 26, 2008 (gmt 0)|
|I did wonder, though: where did they get the email addresses? |
I've received a couple of emails at addresses that are not associated with my AdWords account, and no email to the actual address I use for AdWords. So it's not as if they somehow got a list of AdWords users' email addresses. They probably bought a general list of email addresses from the same source as other spammers and fraudsters.
| 8:54 pm on Mar 26, 2008 (gmt 0)|
|So it's not as if they somehow got a list of AdWords users' email addresses. |
The one I got was to my Adwords email address. It's an address that I use only for that purpose.
It wasn't about updating account information though.
I know we're not supposed to post emails here. But maybe the moderators will indulge me with posting an excerpt of an email from an anonymous phisher.
Anybody else get this one?
|Special Notification. |
Dear Internet User, We are happy to inform you that your email address have emerged winner of
(EUR 750,000) in Europe Lottery Award.
The online cyber draws was conducted from an exclusive list of 500,000 email addresses of
individuals and corporate bodies picked by an advanced
automated random online selection from
the web. No tickets were sold.
It goes on to give contact information - a name, phone number, and email address. And, then, the punch line:
|Your prize award has been insured with your email address and will be transferred to you upon meeting the requirement |
of the gaming board authority which includes your statutory obligations
Your "statutory obligations" would, presumably, be pre-payment of the "taxes" on your "winnings".
Don't think anybody here would actually fall for this one...
| 9:04 pm on Mar 26, 2008 (gmt 0)|
I got 2 of them - both different .cn domains. Forwarded them both to what I thought was Google's security team, but not sure if I forwarded to the correct address(es) - I think I forwarded to abuse, spam and/or security ...
Both were sent to an address I use for very few things - and my Adwords account is not one of them.
[edited by: MamaDawg at 9:08 pm (utc) on Mar. 26, 2008]
| 10:35 pm on Mar 26, 2008 (gmt 0)|
actually that email was pretty useful. I moved so my address was wrong in their system.
| 11:02 pm on Mar 26, 2008 (gmt 0)|
JTara, I got that same message from someone. I announced my good luck to my coworkers and then deleted it. :)
| 11:59 pm on Mar 26, 2008 (gmt 0)|
I get those every day.
This thread is about the specific adwords-account-information-targetted mail.
| 3:40 am on Mar 27, 2008 (gmt 0)|
Yes, this sort of mail comes to me almost every two days. Now I delete it without opening it
| 6:31 am on Mar 27, 2008 (gmt 0)|
The AdWords spoof site was very well done. Very Realistic..must have caught a few unwary guys.
It is blocked now. Google seems to have been able to get it blocked. It now comes with a notification that it is a 'suspected web forgery'. (on firefox)
| 9:16 am on Mar 27, 2008 (gmt 0)|
I investigated adwords and decided not to proceed. From the message titles I assumed it was a genuine contact from G because the account was dormant but just let Mailwasher zap it unopened as I wasn't interested. Maybe i'll have a look at the headers if I get another.
| 10:40 am on Mar 27, 2008 (gmt 0)|
I have received a number of these emails, interestingly sent to an email address *completely unique* to my SnapNames.com account. So someone has picked up my email address from their database (don't suppose everyone else has used snapnames in the past?)
(ps no - Snapnames has never been successful for me, so it's not from the WHOIS etc...)
| 2:35 pm on Mar 27, 2008 (gmt 0)|
Oops - apologies to Snapnames if you read the previous message... I meant Snapfish.com in my post before (the photo service from HP).
(can't edit post above, but hopefully this clears things up)
| 6:22 pm on Mar 27, 2008 (gmt 0)|
I am reassured that I am not the only one to receive this phish.(I have now had 5 of these). I had a much cleverer attempt a few months ago and when I posted on this forum, no-one else seemed to have received it. It did not ask for billing deatils, which is fairly obvious, but told me that an ad had been disapproved - which if you think about it is much more likely to get a response. I guess they were after login details and planned to attack the site another time. Anyone else had one of those? Anyone know what was planned by obtaining login info?
| 9:57 am on Mar 28, 2008 (gmt 0)|
While not a phishing email, I got sucked in yesterday by a very convincing googleclassifiedsonline.com - the domain is registered to someone in Malaysia. It only asks for an email address, so I should expect more spam.
| 10:32 am on Mar 28, 2008 (gmt 0)|
And my unused hotmail address has just had one in Spanish entitled "Verificacao de e-mail do google"
| 12:11 pm on Mar 28, 2008 (gmt 0)|
Today I got a phishing-email from .cn Domain.
Subject-Line: Your AdWords Google Account is stoped
I passed it on to the Support-Form of Google AdWords with full details.
| 2:17 pm on Mar 28, 2008 (gmt 0)|
Got ANOTHER one last night. It's getting ridiculous. Same thing except they fixed the spelling in the subject line, LOL. Maybe they are reading this? Phew, the rage I have for spammers...if I caught one in person I hope someone would hold me back because road rage has nothing on spammer/scammer rage, LOL.
| 10:48 am on Mar 29, 2008 (gmt 0)|
AWA- URGENT please
My UK credit card statement usually says "Google Ltd email@example.com when money is taken off. Now it is saying "PTI Europe Region GBP firstname.lastname@example.org" Has the UK/European ofice changed its billing info this way or is someone else taking money off my card? With all this phishing right now, it is a strange time to be changing billing details on credit card statements. The adwords account looks fine.
| 11:22 pm on Mar 29, 2008 (gmt 0)|
Search this: [google.com...]
Various people are saying these payments are variously: AOL Amazon Napster Google(Adwords) Yahoo WeightWatchers Vistaprint Ancestry and it started on 19th March.
PTI Europe are based in Twickenham, England and are nothing to do with this.
It's happening all over the UK. Initially thought to be just Abbey (bank) customers but actually hitting lots of other banks.
Have also seen suggestions you do a search for Infostealer.Bancos which is high risk too.
| 11:43 pm on Mar 29, 2008 (gmt 0)|
Several sites report that this is to do with companies that use J P Morgan as payment processor. Others are saying the problem seems to be with a company called 2Checkout.com in Columbus, Ohio.
During the period of March 19 – March 25, European customers’ credit card statements may have indicated a transaction from an unknown merchant, “PTI Europe” or “PTI Europe Region”. This notation is a technical coding error from the credit card payment processor for our company. This error will be reversed and corrected with the proper Merchant information on their statements on or before April 1.
| 8:30 am on Mar 30, 2008 (gmt 0)|
Thanks all this make sense- bad timing though. I have had a credit now from PTI Europe, but no new debit.
| This 36 message thread spans 2 pages: 36 (  2 ) > > |