Fake Google AdWords site is designed to pilfer Google users' valuable credentials, Sophos warns Google AdWords users, beware: Cyber thieves are sending out bogus phishing emails in an effort to dupe you into surrendering your valuable Google user name and password — credentials that can be used not just to get into your AdWords account but also any other Google service you happen to use, including Google Docs, Calender, Gmail, and Google+.Beyond cautioning AdWords customers to beware of the scam, Sophos, which issued the alert, also recommends that Google users employ two-step verification, a prudent move given just how many doors a person’s Google credentials can open.According to Sophos, the phishing messages advise recipients that their Google AdWords campaigns may have stopped running. Users who take the bait and follow the in-message link up on a phishing site that looks more or less identical to the real Google AdWords login page. The phrasing, spelling, and grammar of the phishing message itself is a bit awkward — a common tell in email scams — and might give some recipients pause. It reads:Google AdWords Your Google campaigns may have stopped running today (Monday, July 25, 2011) Dear AdWords Advertiser, For quality services and running your ads without any problems (Innactive account meaning Pausing your Ads) check your AdWords account regularly. Click here to check your AdWords account now. 2011. GoogleClicking the link takes the user to a convincing spoof of the real Google AdWords login page (pictured below, courtesy of Sophos), once again demonstrating that cyber thieves are becoming more adept at appropriating trusted companies’ familiar interfaces and logos. The most obvious difference between this phishing site and the real AdWords login page: The domain for the former is google-oa.net instead of adwords.google.com.Sophos advised that Google users adopt two-step verification to protect their Google accounts. With two-step verification, users can choose to have a text message or voice message automatically sent to them when they (or others) attempt to access their account. The message contains a randomly generated code that the user must enter in order to access his or her account. This story, “Phishing scam targets Google AdWords customers,” was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter. Cybercrime