Google Ads agencies are being targeted by phishing scams disguised as legitimate client inquiries to gain access to ad accounts

A wave of phishing attacks is targeting Google Ads agencies through fabricated client leads designed to look like legitimate business inquiries, with scammers using high-level spoofing tactics including professional-looking emails, redirected URLs, and impersonation of large global companies to gain access to agency My Client Center accounts. Pauline Jakober, founder of Group Twenty Seven, publicly detailed one near-miss in which a fraudulent lead slipped through using a mismatched email address, a LinkedIn profile that didn't exist, and a domain name created three days prior. Google Ads product liaison Ginny Marvin warned advertisers on LinkedIn to mark suspicious emails as spam and report compromised accounts, writing that “advertisers must remain alert” while Google monitors for unusual account activity.