Security experts at Trend Micro have warned of a Google AdWords phishing
attack designed to steal sensitive information.
Victims of the scam receive an email notification informing them that their
last AdWords payment has not been successful and asking them to update their
payment information.
The link displayed in the email body appears to be legitimate, but is
actually a compromised site hosted in a number of different countries including
Romania, Brazil and Canada.
Trend Micro believes that Google's huge popularity has led hackers to
intensify attacks on the company's websites, following successful attacks on
Google Calendar.
Rik Ferguson, solutions architect at Trend Micro, said: "In many ways Google
can be seen as a victim of its own success.
"As its market share has increased along with the variety of products and
services it offers, so its value to the cyber-criminal as a platform to exploit
has grown.
As the market share expands and the user base grows, so does the perceived 'investment potential' to the cyber-criminal
Rik Ferguson Trend Micro
"Today's cyber-crime motivation has shifted from a misplaced sense of 'l33t
h4x0r' pride to a sole focus on the business of generating cash, so the threat
to any successful platform is clear."
Ferguson added that cyber-crime and malware increasingly resemble the world
of legitimate business, right down to outsourcing, R&D budgets,
malware-as-a-service, service level agreements and even end-user license
agreements.
"As the market share expands and the user base grows, so does the perceived
'investment potential' to the cyber-criminal. It is all about return on
investment," he said.
Do you agree?
Have your say on this article