A long time ago, when we first detected a Google AdWords phishing scam, it all looked like a shy attack because nobody could ever think that it would last several months. Even if phishing websites have been shut down, attackers are continuously creating new ones, which simply follow the same line: malicious emails sent to AdWords customers which ask them to login into their accounts in order to update the information. Obviously, there's also a link to a fake Google AdWords page which waits for you to enter the login credentials.

A similar scam has been spotted on the web by security company F-Secure, the attack having the same characteristics as the old ones: malicious emails are sent to the customers in order to bring them to a fake Google AdWords page hosted on a China domain. As expected, the fake website looks just like the genuine one and you can hardly spot a difference between them, but all you have to do in order to notice that it is only a phishing scam is to check the browser address bar which reveals the link of the website.

Since it's not hosted by Google, it's clearly a fake. Moreover, the established connection is not secure, as in Google's case, so it is pretty hard to get phished if you simply look for these elements. In addition, several web browsers, including Mozilla Firefox and Microsoft Internet Explorer, come with anti-phishing protection, so notifications concerning the fake website should appear once you load it.

Moreover, there are several stand-alone anti-phishing solutions out there which could prove to be extremely useful in case you're about to disclose your private details to someone on the Internet. And honestly, giving your AdWords account login credentials to a phisher isn't quite a smart idea...