The email link takes the visitor to http://adwords.google-sn.com domain (remaining URL details removed to protect readers)

http://whois.domaintools.com shows the domain was registered the same day the email was sent, and presumably the details are false otherwise I’m sure Ms Eva O’Brien will be hearing from Google shortly:

Domain Name………. google-sn.com
Creation Date…….. 2010-04-01
Registration Date…. 2010-04-01
Expiry Date………. 2011-04-01
Organisation Name…. Eva O’Brien
Organisation Address. 13343 Mount Castle Dr.
Organisation Address.
Organisation Address. Farmers Branch
Organisation Address. 75234
Organisation Address. TX
Organisation Address. UNITED STATES

Related posts:

1. It persists. Is this a domain scam or not? Recently I received another official looking letter notifying me that...
2. A domain scam or not ? You decide! Is an Aussie company is trying to scam you into...
3. Google AdWords | Conversion based bidding Today Google announced an enhancement to the AdWords  Conversion Optimizer...

Related posts brought to you by Yet Another Related Posts Plugin.

I’ve encountered several ‘hacked’ websites recently and thought it was important to alert you to this disturbing trend.

The two forms of web site hacks I’ve encountered are those flagged by Google and a more furtive cloaked hack.

Flagged publicly by Google
This embarrassing alert is shown to visitors if Google determines your site has been hacked

I’m sure you agree that this is enough to scare off any prospective client, and so is commercially very damaging. Google displays this message if it determines your site has a connection with a known ‘malware site’.

Malware means malicious software, and these sites use devious software to attack security vulnerabilities in your PC when you visit the site. The Google Online Security blog shows that reported malware sites have doubled in 2009 to over 300,000!

Although embarrassing, Google’s message possibly avoids a costly litigious situation should a website visitor have their computer systems compromised and loose business as a result.

BTW Google will also freeze your AdWords advertising campaigns if your site is assessed as associated with malware.

Your website’s ability to promote your business comes to a grinding halt.

Cloaked hacking
Possibly more sinister because you don’t know your website has been compromised, these hacks use your site as a ‘link farm’.

The hackers add links from your site to their target sites to help improve the ranking of their sites. Read more about the value of links here.

The infected sites I’ve stumbled over have links to extreme anti-social and/or sexually explicit sites. Apart from draining your Google PageRank, the links in this case are thankfully not visible to your visitors, but are visible to search engines.
Consequently your site runs the risk of reduced search ranking because as Google advises in its website guidelines:

“…avoid links to web spammers or “bad neighborhoods” on the web, as your own ranking may be affected adversely by those links…”

So these apparently benign links can seriously erode your website’s search ranking.

Am I hacked ?
The most important aspect of this for business owners is how to detect and resolve any of this type of activity before clients or your business is exposed to any risk.

Google’s Safe Browsing Diagnostic provides a quick and easy test to to assess the current status of your site:
www.google.com/safebrowsing/diagnostic?site=

De-hacking your site
If you find there is an issue with your site contact your web developer immediately to address it.

Normally the fix is technically simple; either removing the bad code or overwriting your published website with your offline backup
You do have an offline backup of you website haven’t you?

Declaring ‘All Clear’
You could sit and wait patiently for Google to finally decide that you have eradicated the hack, but during this time your site continues to scare off new and existing customers.

Google WebMasters Tools provides a reconsideration lodgement facility to formally advise Google you have removed the hack. I note also that Bing now has a similar process.

You will need to register your site with Google WebMasters which itself may require assistance your web developer and/or an internet marketer.
It all takes time but eventually you will get the business stealing alert message removed.

Hack Prevention
How can you prevent hacks? There is no simple answer; hackers are increasingly more sophisticated but here is a guide:

• Keep your PC’s virus and spam software up to date
• Change passwords regularly
• Store your website’s access details in a secure location
• Keep off-line backups of your site
• Monitor activity in your site
• Visit your own site occasionally

Summary
The internet provides global exposure to prospective customers as well as villains. Be vigilant and stay informed.

You can subscribe to the Succinct Update here

Related posts:

1. Even advertisements can contain malware! Even advertisements are being hacked now!...

Related posts brought to you by Yet Another Related Posts Plugin.

The email finishes with an offer to get your website ranking in Google.

Client’s initial reactions are that this was a genuine pro-active service provided by the sender, and they felt some obligation to contact them and seriously consider their offer.

The harsh reality is that some software found your site, tested it against potentially irrelevant keywords and then composed and sent you that email.

There’s no caring proactive professional business person behind this; just a spammer using software to try to trick you into contacting them.

Yes, its  spam email masquerading as a proactive service from an allegedly reputable business.

The human(s) responsible are unlikely to actually know of your business; and probably don’t even know that their software sent it to you until of course you contact them.

Do a Google search and you will find that this spam has even been sent to Google themselves claiming to be able to help them improve ranking for  their website !

I think the WebWise blog best sums this up with a quote from Google:   ”reserve the same skepticism for unsolicited email about search engines as you do for ‘burn fat at night’ diet pills or requests to help transfer funds from deposed dictators.”

Related posts:

1. Website hacking on the rise (Republished from Sept Succinct Update) I’ve encountered several ‘hacked’ websites...
2. April fool? No an AdWords scam! Happy Easter to all, Don’t fall victim to this April...

Related posts brought to you by Yet Another Related Posts Plugin.

See email 1 below (Client information removed for privacy)

On face value this appears to be a valuable service, and the administrator’s initial response was of interest, and they referred it to me for a second opinion.

As this client was actively involved in business in Asia they rightly felt this may be an important piece of information for their Asian online presence.

On reading the email I was suspicious (aren’t you ?!) but the website appears as a legitimate Asian domain registrar, and they are not asking for money – not at that stage anyway.

After further discussions the client decided there was no need to acquire the Asian domains and that was that… or so I thought

More recently I’ve received a similar email (see email 2 below) from another client, again allegedly from an Asian domain registrar providing helpful information about a potential domain conflict.

You could image that the disputed domain purchase would then escalate into an auction, facilitated by the helpful registrar and the client would ultimately purchase an unneeded Asian domain, and after paying far more than the standard domain fee.

Am I being paranoid in thinking this is a scam ? I don’t think so!

What do you think ?

Kim Yang or  Tom Xiang are more than welcome to comment also

Cheers
Pete

Subject: Urgent- Dispute of Asia/ China Domains with your entity

(If you are not the person who is in charge of this, please forward to the right person/department. Thank you)

Dear CEO,

We , a registration organization in China, have something to confirm with you. We formally received an application on today. One company called “Spond Investment Corporation” is applying for “<client’s domain> as internet brand and following Asian/.CN domain names to use.

<client’s domain>.asia
<client’s domain>.com.tw
<client’s domain>.hk

<client’s domain>.net.cn
<client’s domain>.org.cn
<client’s domain>.tw

After our initial checking, we found the internet brand and these domain names being applied are as same as your company’s, so we need to get the confirmation from your company. If the aforesaid company is your business partner or your subsidiary company, please DO NOT reply us, we will approve the application automatically. If you have no any relationship with this company, please contact us within 7 workdays. If out of the deadline, we will approve the application  submitted by “Spond Investment Corporation” unconditionally.

Best Regards,

Tom Xiang

Senior Director

Tel:  +0086-21-2973-1795

Fax: +0086-21-5271-5978

http://www.meep-china.cn/

2008-07-17

Email 2 (client identifying information removed)

Dear Sir/Madam,

We are Beijing Anwins Network Service Co., Ltd which is the domain name register center in China. We received a formal application from a company who is applying to register “<client’s company name>” as their domain name and Internet keyword on July 29, 2008.Since after our investigation we found that this word has been in use by your company, and this may involve your company name or trade mark, so we inform you in no time. If you consider these domain names and internet keyword are important to you and it is necessary to protect them by registering them first, contact us soon. Thanks for your co-operation and support.

Kind Regards,

Kim Yang

Tel:+86-10-62961631（ext.8013）

Fax:+86-10-62968871

Email: kim.yang@beijing-anwins.cn

Kim.yang@beijing-anwins.com.cn

Beijing Anwins Network Service Co.,Ltd

Website: www.anwins.com

Related posts:

1. A domain scam or not ? You decide! Is an Aussie company is trying to scam you into...
2. It persists. Is this a domain scam or not? Recently I received another official looking letter notifying me that...
3. April fool? No an AdWords scam! Happy Easter to all, Don’t fall victim to this April...

Related posts brought to you by Yet Another Related Posts Plugin.

These appear to be genuine communications from Google asking you to renew your AdWords account or update your AdWords payment details, but are in fact scams cleverly designed to steal your credit card details.

You can identify the bogus emails by carefully rolling your mouse over the link in the email to view the popup tooltip; then carefully examine the domain details.

The phishing emails typically link to a Chinese domain which is dot cn (i.e. .cn) rather than the domain it appears to be.

Please be vigilant and under no circumstances enter your credit card details. If you do, then contact your bank immediately to freeze your credit card.

If you receive a phishing email, forward it to phishing@google.com so the folks at Google can do something about stopping these thieves.

If you are in doubt about your AdWords account’s status you can check it online. Once your AdWords account is established, the only time you should have to re-enter payment details is when your credit card expires.

If in doubt, don’t click.

Related posts:

1. April fool? No an AdWords scam! Happy Easter to all, Don’t fall victim to this April...

Related posts brought to you by Yet Another Related Posts Plugin.

The email link to update your payment details actually goes to a Chinese site and not Google: http://adwords.google.com.r4oik.cn/select/Login/

There has been some other recent reports of similar phishing scams on the Search Engine Round Table blog.

The email certainly looks legitimate and so anyone could be easily decieved. 

I strongly recommend that you ensure your internet security software is up to date and capable of detecting ‘phishing’ emails.

 After contacting Google AdWords support they asked that phishing emails be forwarded to phishing@google.com

5 April Update More phishing emails relating  to Adwords
Ive recieved a couple of these today:

Dear AdWords Customer,

As part of our ongoing efforts to improve the Google AdWords programme for advertisers and users,
we have updated our Terms and Conditions.

Please review the new Terms and Conditions below, then indicate your acceptance.

Yes, I accept the Terms and Conditions. <– this link leads to a Chinese site not to Google Adwords

Related posts:

1. April fool? No an AdWords scam! Happy Easter to all, Don’t fall victim to this April...

Related posts brought to you by Yet Another Related Posts Plugin.