Recently we blogged about AdWords account hijacking, and one of our clients forwarded us an email message that shows the phishing scam that is most likely the cause. The email looks like official communications from AdWords that is notifying the user that their most recent payment did not go through properly. The email contains a link that appears to go to AdWords, but it really goes to a website in China that looks like the AdWords login page. If you enter your username and password, they now have access to your AdWords account.
How to Avoid Phishing Scams
Phishing scams work by looking like legitimate websites and using links in email that look like they go to legitimate websites. Whenever you receive an email from someone claiming to be AdWords, your bank, PayPal, or any other organization that requires you to login, do not click on the link in the email unless you are absolutely sure it goes to the right place. Instead, we recommend typing the address of the site in your browser. E.g. to check your AdWords balance, go to www.paypal.com.