The sophisticated scam looks official and appears to be from Google AdWords where email addresses such as support@google.com and adwords-noreply@google.com are used.
“Clicking on the link will take you to a phishing website hosted in China that closely resembles the real Google AdWords login page,” according to the blog.
The TRACE blog also claimed the phishing campaign is being pushed by one of the six existing botnets that generate 85 percent of the world’s spam. In this case the culprit is the Pushdo botnet, which holds six percent of the world's spam botnets.
According to Sophos, the Pushdo Trojan is notorious. Late last year the Pushdo Trojan spammed out nude pictures of the actress Angelina Jolie and was blamed for the surge in malware last September.
Firefox 2 was flagging the website as a possible phishing site at the time Marshal researchers visited the site, the blog said.
.png&h=140&w=231&c=1&s=0)
_(20).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
