Google adwords account hacked.

**Leeky** · 29-08-08

Just logged onto ou google adwords account, which we very rarely use only to discover a new campaign set up as 'campaign#1' with £16,000 a day budget, 347 keywords and been costing £3.47 a click.

Ive no idea how they got the password, it is completely unique and not used anywhere else.

Thankfully it only come to £80 before i noticed it.

I have deleted the campaign and what I thought to be on the safe side I have cancelled my google adwords account... and obviously wrote to google.

The problem is on cancelling the account I get this message....
"Your ads will stop showing within one hour. If you decide to run your ads again, you can login to AdWords and reactivate your account at any time."

So basically what is the point of cancelling the account if the hacker can log back in and e-activate it???

I couldn't find out how to remove the debit card details either... bloody internet!!!

Lee

**DavidCartlidge** · 29-08-08

Originally Posted by Leeky

I couldn't find out how to remove the debit card details either... bloody internet!!!

You can't - you can only replace it....

You are forced to contact them to do that

**Leeky** · 29-08-08

Well isn't that just great.

Can't cancel account because all you have to do is re-activate it, and can't remove debit card.

Google adwords must be the most dangerous place on the internet. I wonder how many thousands people have lost even after they discover their google adwords account has been hacked... its disgusting.

Well ive already contacted google, wonder how many months it will be before I even get a reply from a toaster, it certainly wont be a human.

Lee

**Mike_Scott** · 29-08-08

Hi
Surely with a little investigating on the info where the traffic was sent, you can be on your way to catching and prosecuting the Little Ba**ard!

Good job you caught it early on - Hope you find them

Mike

**deanh12** · 29-08-08

I know what you mean when it comes to deleting an account. I recently terminated an account for a client only to find out a simple login and click of a mouse would re-active it, surely it should be re-worded to temporary termination to be more accurate.

**Travel Pixel** · 29-08-08

This is an issue that has affected us over the last few days. A hacker got into our account and setup a campaign promoting anti-virus products. They spent around £6100 in about 10 hours.

I was suprised, to say the least, to discover this when I checked in the morning!

Luckily, Google have been very helpful in the matter (of course I did shout at them - that may have helped..) and all costs have been written off or refunded.

How they got our password im not sure but it was either some sort of malware or a phishing email I must have clicked on.

Be on your guard.

Dave

**Leeky** · 29-08-08

It seems like the same people who hacked ours, ie. spyware, antivirus keywords.
The strange things is the domain they were sending the traffic through was xp-2008.com which is not even registered??

They got just 24 clicks which cost around £80.

Its amazing how they get away with it.

Lee

**tbp** · 30-08-08

This is the second account in a week i`ve heard of getting hacked, so looks like theres something going on.

One thing i`ve found odd all year, is that I`ve had loads of those Google Adwords fishing emails - Nothing odd about that in itself, but out of over 30 email accounts that I have, they ONLY go to the 6 that i`ve used with adwords account. These email addresses were only used for adwords, and so were never available publicly.

So how did the phishers get these email addresses?

**tijan** · 31-08-08

Hi Leeky, If you find it difficult removing your card on file, why dont you just replace it with 340000100000067 sort of digits and be rest assured google wont be able to demand any payment from your bank.

The internet is not safe, i dont fool myself so i dont leave funds in bankcards i use with any internet services, be it domain hosting, paypal, adwords ect. I transfer fund from my savings to cards i use for those services anytime and whenever i want to make payment. So even if someone logged into my adwords and exhause £1m in ad spend in 1 sec no fund can be transferred without my knowledge. You may wish to adopt that idea when you do business on the internet.

Tijan Penpee

**DioBach** · 31-08-08

Originally Posted by tijan

Hi Leeky, If you find it difficult removing your card on file, why dont you just replace it with 340000100000067 sort of digits and be rest assured google wont be able to demand any payment from your bank.

You get an invalid number error if you do something like the above. You can change the security number and set the expire date to next month to disable your current card though

**dh5894** · 01-09-08

just cancel your card that you use to pay with then order a new one and theY shouldn't be able to take any payments.
--<br>Posted via my Mobile Device

**Leeky** · 01-09-08

Originally Posted by dh5894

just cancel your card that you use to pay with then order a new one and theY shouldn't be able to take any payments.
--<br>Posted via my Mobile Device

If we cancel the card then we will need to go through everything we have the card registered with, which is a lot of wesites, it is something we can do but it would be the very last resort.

Google still hasn't contacted us after writing two emails to them, we have received two canned replies (one explained how to cancel the account which was a reply to an email complaining that canceling the account doesn't actually cancel it), and a customer satisfaction survey asking if we are happy how they dealt with the matter.

Lee

**amisuggests** · 01-09-08

Contact your card provider and block payments to the adwords account
You must inform Google as well you are doing this and let them know what your reasons are

**Dynamoo** · 04-09-08

Probably these guys - Russian Business Network - Wikipedia, the free encyclopedia

One weakness with AdWords is that way that Google likes to roll all "Google accounts" into one. This can make it easy to guess the email address connected with the account, and you don't necessarily need to do an "AdWords phish" to get it.

Of course, your PC could already be compromised with something.. try running the F-Secure Online Scanner to check your system.

One thing.. if you DO find that has happened, do NOT visit the target site unless you are familiar with dealing with malware. These bad sites can sometimes infect your machine by exploiting all sorts of out-of-date software that you might not even know you had installed.