Google AdWords Phishing

Park SnowI received this email last week from reactivation@google.com and it almost had me going (until I examined the included link more closely.) That and Thunderbird gave me a nice warning:

Thunderbird thinks this message might be an email scam.

the email says:

This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message.
--------------------------------------------------------------------------------
Dear Google AdWords Customer,
Please sign in to your account at http://adwords.google.com/select/login , and update your billing information.
Your account will be reactivated as soon as you update your payment information.
Your ads will show immediately if you decide to pay for clicks via credit or debit card. If you decide to pay by direct debit, we may need to receive your signed debit authorization before your ads start running, depending on your location.
If you choose bank transfer, your ads will show as soon as we receive your first payment.
We look forward to providing you with the most effective advertising available.
Sincerely,
----------------------------------------------------------------------------------
The Google AdWords Team

The email looks surprisingly official and doesn’t have any typos or strange wording. The only bad thing is where the link actually took me. As I moused over the link, it pointed to a page on adwords.google.com.djieh3.cn… some server in China. That server has since been taken down, but I’m sure it was a very official looking site where the scammer was saving the login and credit card information given by anyone willing to share it. I can’t help but wonder how many people fell for it.