{"id":13555,"date":"2026-02-17T15:27:54","date_gmt":"2026-02-17T09:57:54","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=13555"},"modified":"2026-05-19T14:32:03","modified_gmt":"2026-05-19T09:02:03","slug":"google-ads-scams-mcc-phishing","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/","title":{"rendered":"Google Ads MCC Takeover Attacks Are Rising\u2014How Phishing Scams Are Targeting Manager Accounts"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">Verizon<span style=\"font-weight: 400;\">&#8216;s Data Breach Investigations Report states that human elements, such as social engineering and phishing, are now the most common reason for security breaches. In many cases, the hacker does not break in; rather, the hacker is granted access to an account by the user.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">This shift explains the rise in <\/span>Google Ads scams<span style=\"font-weight: 400;\">. Criminals are not focused on servers anymore; they are targeting the real people managing advertising budgets. A manager account is a goldmine because one Google Ads MCC login can open the door to every linked client account.<\/span><\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#Why_Manager_Accounts_Are_a_Goldmine_for_Hackers\" >Why Manager Accounts Are a Goldmine for Hackers<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#Book_a_Free_Demo_Call_with_Our_Expert\" >Book a Free Demo Call with Our Expert<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#How_Google_Ads_Phishing_Scams_Actually_Work\" >How Google Ads Phishing Scams Actually Work<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#Common_Phishing_Email_Examples\" >Common Phishing Email Examples<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#What_Happens_After_an_MCC_Takeover\" >What Happens After an MCC Takeover?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#Why_These_Attacks_Are_Increasing\" >Why These Attacks Are Increasing<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#How_to_Protect_Your_MCC_Advertising_Account\" >How to Protect Your MCC Advertising Account<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#Final_Thoughts\" >Final Thoughts<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Just one click on a phony email, or one second of trust, is all that it will take for an attacker to gain access to a single MCC. Once they have access to one MCC, they can do more than just steal data; they can use that MCC to run ads, drain the budget of the business, or lock that business out of their account.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Why_Manager_Accounts_Are_a_Goldmine_for_Hackers\"><\/span><span style=\"color: #000000;\"><b>Why Manager Accounts Are a Goldmine for Hackers<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Google Ads has a manager account, also known as an MCC, that makes it easy for agencies and other businesses to manage multiple ad accounts from one dashboard.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">This is great for advertisers.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">However, it&#8217;s also a great place for hackers to profit from their criminal acts. If hackers can obtain access to an <\/span>MCC advertising<span style=\"font-weight: 400;\"> account, they can:<\/span><\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">Run scam or malicious ads<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Deplete the entire advertising budget<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Redirect users to a malicious website<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Suspend the account for violation of policy<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Harm the agency&#8217;s reputation with its clients<\/span><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Instead of just hacking one account, they hack many accounts at once. This provides a very high ROI&nbsp; for cybercriminals.<\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n  <meta charset=\"UTF-8\">\n  <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n  <title>Threatcop \u2013 Book a Free Demo<\/title>\n  <link href=\"https:\/\/fonts.googleapis.com\/css2?family=Outfit:wght@300;400;500;600;700&#038;display=swap\" rel=\"stylesheet\">\n  <style>\n    .tc-wrap *, .tc-wrap *::before, .tc-wrap *::after { box-sizing: border-box; margin: 0; padding: 0; }\n\n    .tc-wrap {\n      font-family: 'Outfit', sans-serif;\n      width: 100%;\n      display: flex;\n      justify-content: center;\n      padding: 20px 10px;\n    }\n\n    .tc-card {\n      width: 100%;\n      max-width: 820px;\n      background: #fff;\n      border-radius: 20px;\n      overflow: hidden;\n      box-shadow: 0 20px 60px rgba(24,57,148,0.13), 0 4px 16px rgba(24,57,148,0.07);\n      display: flex;\n      flex-direction: row;\n    }\n\n    \/* Left Panel *\/\n    .tc-left {\n      background: linear-gradient(160deg, #1e44b0 0%, #183994 40%, #0e2570 100%);\n      width: 320px;\n      flex-shrink: 0;\n      padding: 40px 32px;\n      display: flex;\n      flex-direction: column;\n      justify-content: center;\n      position: relative;\n      overflow: hidden;\n    }\n\n    .tc-left::before {\n      content: '';\n      position: absolute;\n      inset: 0;\n      background-image: radial-gradient(rgba(255,255,255,0.08) 1.5px, transparent 1.5px);\n      background-size: 22px 22px;\n    }\n\n    .tc-left::after {\n      content: '';\n      position: absolute;\n      bottom: -60px;\n      right: -60px;\n      width: 220px;\n      height: 220px;\n      background: radial-gradient(circle, rgba(99,179,255,0.22) 0%, transparent 65%);\n      border-radius: 50%;\n      pointer-events: none;\n    }\n\n    .tc-panel-inner {\n      position: relative;\n      z-index: 1;\n    }\n\n    .tc-badge {\n      display: inline-flex !important;\n      align-items: center !important;\n      gap: 6px;\n      background: rgba(255,255,255,0.1) !important;\n      border: 1px solid rgba(255,255,255,0.18) !important;\n      border-radius: 20px !important;\n      padding: 4px 14px 4px 10px !important;\n      font-size: 12.5px !important;\n      font-weight: 600 !important;\n      letter-spacing: .09em !important;\n      text-transform: uppercase !important;\n      color: rgba(255,255,255,0.85) !important;\n      margin-bottom: 18px !important;\n      font-family: 'Outfit', sans-serif !important;\n      line-height: 1.4 !important;\n    }\n\n    .tc-badge-dot {\n      width: 6px;\n      height: 6px;\n      background: #5cd9a0;\n      border-radius: 50%;\n      box-shadow: 0 0 6px #5cd9a0;\n      flex-shrink: 0;\n      display: inline-block;\n    }\n\n    \/* Force white on ALL elements inside tc-left *\/\n    .tc-left h1,\n    .tc-left h2,\n    .tc-left h3,\n    .tc-left h4,\n    .tc-left h5,\n    .tc-left h6 {\n      color: #ffffff !important;\n      font-family: 'Outfit', sans-serif !important;\n      font-size: 28px !important;\n      font-weight: 700 !important;\n      line-height: 1.35 !important;\n      letter-spacing: -0.3px !important;\n      margin: 0 !important;\n      padding: 0 !important;\n      background: none !important;\n      -webkit-text-fill-color: #ffffff !important;\n    }\n\n    .tc-left h2 em {\n      font-style: normal !important;\n      color: #7ec8ff !important;\n      -webkit-text-fill-color: #7ec8ff !important;\n    }\n\n    .tc-left p,\n    .tc-left .tc-sub {\n      color: rgba(255,255,255,0.78) !important;\n      -webkit-text-fill-color: rgba(255,255,255,0.78) !important;\n      font-family: 'Outfit', sans-serif !important;\n      font-size: 14px !important;\n      font-weight: 300 !important;\n      line-height: 1.65 !important;\n      margin-top: 12px !important;\n      background: none !important;\n    }\n\n    \/* Right Panel *\/\n    .tc-right {\n      flex: 1;\n      padding: 32px 32px 28px;\n      display: flex;\n      flex-direction: column;\n      justify-content: center;\n    }\n\n    .tc-form-title {\n      font-size: 13px !important;\n      font-weight: 600 !important;\n      letter-spacing: .12em;\n      text-transform: uppercase;\n      color: #8fa4cc !important;\n      margin-bottom: 20px !important;\n      display: flex !important;\n      align-items: center !important;\n      gap: 10px;\n      font-family: 'Outfit', sans-serif !important;\n    }\n\n    .tc-form-title::after {\n      content: '';\n      flex: 1;\n      height: 1px;\n      background: #eef1fa;\n    }\n\n    .tc-grid {\n      display: grid;\n      grid-template-columns: 1fr 1fr;\n      gap: 14px;\n    }\n\n    .tc-field {\n      display: flex;\n      flex-direction: column;\n      gap: 5px;\n    }\n\n    .tc-field.full { grid-column: 1 \/ -1; }\n\n    .tc-field label {\n      font-size: 13px !important;\n      font-weight: 600 !important;\n      color: #3a4f7a !important;\n      letter-spacing: .04em;\n      text-transform: uppercase;\n      font-family: 'Outfit', sans-serif !important;\n      display: block !important;\n    }\n\n    .tc-input-wrap {\n      position: relative;\n      display: flex;\n      align-items: center;\n    }\n\n    .tc-input-wrap .tc-fi {\n      position: absolute;\n      right: 12px;\n      width: 15px;\n      height: 15px;\n      stroke: #c0ccdf;\n      stroke-width: 1.8;\n      pointer-events: none;\n      fill: none;\n    }\n\n    .tc-wrap input[type=\"text\"],\n    .tc-wrap input[type=\"email\"],\n    .tc-wrap input[type=\"number\"] {\n      width: 100% !important;\n      border: 1.5px solid #e2e9f7 !important;\n      border-radius: 10px !important;\n      padding: 9px 34px 9px 13px !important;\n      font-family: 'Outfit', sans-serif !important;\n      font-size: 15px !important;\n      font-weight: 400 !important;\n      color: #1e2d50 !important;\n      background: #f8faff !important;\n      outline: none !important;\n      transition: border-color .2s, background .2s, box-shadow .2s;\n      -moz-appearance: textfield;\n      box-shadow: none !important;\n      -webkit-text-fill-color: #1e2d50 !important;\n    }\n\n    .tc-wrap input[type=\"number\"]::-webkit-inner-spin-button,\n    .tc-wrap input[type=\"number\"]::-webkit-outer-spin-button { -webkit-appearance: none; }\n\n    .tc-wrap input::placeholder { color: #c0ccdf !important; -webkit-text-fill-color: #c0ccdf !important; opacity: 1; }\n\n    .tc-wrap input:focus {\n      border-color: #183994 !important;\n      background: #fff !important;\n      box-shadow: 0 0 0 3.5px rgba(24,57,148,0.1) !important;\n    }\n\n    .tc-phone-row { display: flex; gap: 8px; }\n    .tc-flag-select { position: relative; flex-shrink: 0; }\n\n    .tc-flag-select select {\n      appearance: none !important;\n      -webkit-appearance: none !important;\n      border: 1.5px solid #e2e9f7 !important;\n      border-radius: 10px !important;\n      padding: 9px 26px 9px 12px !important;\n      font-family: 'Outfit', sans-serif !important;\n      font-size: 14px !important;\n      font-weight: 500 !important;\n      color: #1e2d50 !important;\n      background: #f8faff !important;\n      outline: none !important;\n      cursor: pointer;\n      width: 100px !important;\n      transition: border-color .2s, box-shadow .2s;\n    }\n\n    .tc-flag-select select:focus {\n      border-color: #183994 !important;\n      box-shadow: 0 0 0 3.5px rgba(24,57,148,0.1) !important;\n    }\n\n    .tc-flag-select::after {\n      content: '';\n      position: absolute;\n      right: 10px;\n      top: 50%;\n      transform: translateY(-50%);\n      width: 0; height: 0;\n      border-left: 4px solid transparent;\n      border-right: 4px solid transparent;\n      border-top: 5px solid #a0b0cc;\n      pointer-events: none;\n    }\n\n    .tc-phone-row .tc-input-wrap { flex: 1; }\n\n    .tc-btn-submit {\n      width: 100% !important;\n      margin-top: 18px !important;\n      padding: 11px !important;\n      background: #183994 !important;\n      border: none !important;\n      border-radius: 10px !important;\n      color: #fff !important;\n      -webkit-text-fill-color: #fff !important;\n      font-family: 'Outfit', sans-serif !important;\n      font-size: 15px !important;\n      font-weight: 600 !important;\n      letter-spacing: .05em;\n      cursor: pointer;\n      display: flex !important;\n      align-items: center !important;\n      justify-content: center !important;\n      gap: 9px;\n      transition: background .2s, transform .15s, box-shadow .2s;\n      box-shadow: 0 6px 24px rgba(24,57,148,0.28) !important;\n      text-decoration: none !important;\n    }\n\n    .tc-btn-submit:hover {\n      background: #1d46b5 !important;\n      transform: translateY(-1px);\n      box-shadow: 0 10px 32px rgba(24,57,148,0.35) !important;\n      color: #fff !important;\n    }\n\n    .tc-btn-submit:active { transform: translateY(0); }\n\n    .tc-btn-submit svg {\n      width: 16px; height: 16px;\n      stroke: #fff;\n      stroke-width: 2.2;\n      fill: none;\n      flex-shrink: 0;\n    }\n\n    .tc-trust {\n      margin-top: 10px !important;\n      display: flex !important;\n      align-items: center !important;\n      justify-content: center !important;\n      gap: 5px;\n      font-size: 13px !important;\n      color: #a0b0cc !important;\n      font-family: 'Outfit', sans-serif !important;\n    }\n\n    .tc-trust svg {\n      width: 12px; height: 12px;\n      stroke: #a0b0cc;\n      stroke-width: 2;\n      fill: none;\n      flex-shrink: 0;\n    }\n\n    @media (max-width: 680px) {\n      .tc-card { flex-direction: column !important; }\n      .tc-left { width: 100% !important; padding: 28px 24px 24px !important; }\n      .tc-right { padding: 24px 20px !important; }\n      .tc-grid { grid-template-columns: 1fr !important; }\n      .tc-field.full { grid-column: 1 !important; }\n    }\n  <\/style>\n<\/head>\n<body>\n\n<div class=\"tc-wrap\">\n  <div class=\"tc-card\">\n\n    <!-- Left Panel -->\n    <div class=\"tc-left\">\n      <div class=\"tc-panel-inner\">\n        <div class=\"tc-badge\">\n          <span class=\"tc-badge-dot\"><\/span>\n          People Security Management\n        <\/div>\n        <h2><span class=\"ez-toc-section\" id=\"Book_a_Free_Demo_Call_with_Our_Expert\"><\/span>Book a Free<br><em>Demo Call<\/em><br>with Our Expert<span class=\"ez-toc-section-end\"><\/span><\/h2>\n        <p class=\"tc-sub\">Discover how Threatcop protects your workforce from modern cyber threats.<\/p>\n      <\/div>\n    <\/div>\n\n    <!-- Right Panel -->\n    <div class=\"tc-right\">\n      <div class=\"tc-form-title\">Your Details<\/div>\n\n      <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n        <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\">\n\n        <div class=\"tc-grid\">\n\n          <div class=\"tc-field\">\n            <label>Full Name<\/label>\n            <div class=\"tc-input-wrap\">\n              <input type=\"text\" name=\"FullName\" placeholder=\"Jane Smith\" required>\n              <svg class=\"tc-fi\" viewBox=\"0 0 24 24\" stroke-linecap=\"round\">\n                <circle cx=\"12\" cy=\"8\" r=\"4\"\/><path d=\"M4 20c0-4 3.58-7 8-7s8 3 8 7\"\/>\n              <\/svg>\n            <\/div>\n          <\/div>\n\n          <div class=\"tc-field\">\n            <label>Company Name<\/label>\n            <div class=\"tc-input-wrap\">\n              <input type=\"text\" name=\"CompanyName\" placeholder=\"Acme Corp\" required>\n              <svg class=\"tc-fi\" viewBox=\"0 0 24 24\" stroke-linecap=\"round\">\n                <rect x=\"3\" y=\"3\" width=\"18\" height=\"18\" rx=\"2\"\/>\n                <path d=\"M9 3v18M3 9h6M3 15h6\"\/>\n              <\/svg>\n            <\/div>\n          <\/div>\n\n          <div class=\"tc-field full\">\n            <label>Corporate Email<\/label>\n            <div class=\"tc-input-wrap\">\n              <input type=\"email\" name=\"email\" placeholder=\"jane@yourcompany.com\" required>\n              <svg class=\"tc-fi\" viewBox=\"0 0 24 24\" stroke-linecap=\"round\">\n                <rect x=\"2\" y=\"4\" width=\"20\" height=\"16\" rx=\"2\"\/>\n                <polyline points=\"2,4 12,13 22,4\"\/>\n              <\/svg>\n            <\/div>\n          <\/div>\n\n          <div class=\"tc-field full\">\n            <label>Phone Number<\/label>\n            <div class=\"tc-input-wrap\">\n              <input type=\"number\" name=\"Phone\" placeholder=\"98765 43210\" required>\n              <svg class=\"tc-fi\" viewBox=\"0 0 24 24\" stroke-linecap=\"round\">\n                <path d=\"M22 16.92v3a2 2 0 01-2.18 2A19.79 19.79 0 013.09 4.18 2 2 0 015.07 2h3a2 2 0 012 1.72c.13.96.36 1.9.71 2.81a2 2 0 01-.45 2.11L9.09 9.91a16 16 0 006 6l1.27-1.27a2 2 0 012.11-.45c.91.35 1.85.58 2.81.71A2 2 0 0122 16.92z\"\/>\n              <\/svg>\n            <\/div>\n          <\/div>\n\n        <\/div>\n\n        <button type=\"submit\" class=\"tc-btn-submit\">\n          <svg viewBox=\"0 0 24 24\" stroke-linecap=\"round\">\n            <path d=\"M22 2L11 13M22 2L15 22l-4-9-9-4 20-7z\"\/>\n          <\/svg>\n          Book My Free Demo\n        <\/button>\n\n        <div class=\"tc-trust\">\n          <svg viewBox=\"0 0 24 24\" stroke-linecap=\"round\">\n            <rect x=\"3\" y=\"11\" width=\"18\" height=\"11\" rx=\"2\"\/>\n            <path d=\"M7 11V7a5 5 0 0110 0v4\"\/>\n          <\/svg>\n          Your data is safe &amp; never shared with third parties\n        <\/div>\n\n      <\/form>\n    <\/div>\n\n  <\/div>\n<\/div>\n\n<\/body>\n<\/html>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_Google_Ads_Phishing_Scams_Actually_Work\"><\/span><span style=\"color: #000000;\"><b>How Google Ads Phishing Scams Actually Work<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Most <\/span>Google Ads <a href=\"https:\/\/threatcop.com\/blog\/phishing-statistics\/\">phishing scams<\/a><span style=\"font-weight: 400;\"> rely on a very simple psychological trick: urgency.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">A typical flow of the attacks is as follows:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">You receive an email that claims to be from Google Ads.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">The email states that there\u2019s an account suspension and\/or a billing issue.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">You then receive the email saying you should \u201clog in right now.\u201d<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">When you click on the link to log in, you are taken to a fake login page.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Your credentials will be captured.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Hackers will log in to your real account using those credentials.<\/span><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">No technical hacking is required. The attack only uses <a href=\"https:\/\/threatcop.com\/blog\/social-engineering-attack\/\">social engineering<\/a> techniques.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Common_Phishing_Email_Examples\"><\/span><span style=\"color: #000000;\"><b>Common Phishing Email Examples<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Phishing authorities commonly impersonate businesses, sending out phishing emails from fake email accounts, i.e., &#8220;support@google.com&#8221; or &#8220;support@paypal.com.&#8221;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Types of <a href=\"https:\/\/threatcop.com\/blog\/attachment-based-phishing\/\">phishing emails<\/a> include those utilizing one or more of these subject lines:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">Your Google Ads Account May Be Disabled<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Invoices Need Your Attention<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Violating Policy<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Suspicious Activity Found<\/span><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">All phishing emails look authentic, and they use logos that appear real and have a formal-sounding tone. However, one little thing sets them apart from a legitimate email: the sender&#8217;s email address does not match who it&#8217;s supposed to be coming from.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_Happens_After_an_MCC_Takeover\"><\/span><span style=\"color: #000000;\"><b>What Happens After an MCC Takeover?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Once the crime is carried out, hacking criminals will frequently do the following:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">Post advertisements for cryptocurrency and investment scams<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Modify account permission settings<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Lock out the account\u2019s original administrator<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Spend huge sums before being caught<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Resell access to the account via underground forums<\/span><\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">This can create issues for the agency. Refund requests from clients, lost trust, and termination of contracts with the agency.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">A single hack can undo all of the time and effort that a person spent building their reputation.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Why_These_Attacks_Are_Increasing\"><\/span><span style=\"color: #000000;\"><b>Why These Attacks Are Increasing<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The following trends indicate that scammers are more likely to utilize Google Ads:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">The use of <a href=\"https:\/\/threatcop.com\/blog\/what-is-deepfake-phishing\/\">artificial intelligence in phishing.<\/a><\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">The spread of remote work is increasing the risk that your login credentials will be stolen.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">The average size of agency client portfolios (more agencies managing larger portfolios).<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Criminals will always follow the money; therefore, high advertising budgets = more scam activity.<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">It all boils down to this: MCCs are lucrative for the criminal element.<\/span><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_Protect_Your_MCC_Advertising_Account\"><\/span><span style=\"color: #000000;\"><b>How to Protect Your MCC Advertising Account<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">This section enlists the key tips in order to protect your MCC advertising account:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"color: #000000;\"><b>Implement 2-Factor Authentication<\/b><span style=\"font-weight: 400;\">: Your account will have a second login requirement, meaning that even if your password is compromised through a Google Ad scam, the hacker cannot access your account.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Limit Admin Access<\/b><span style=\"font-weight: 400;\">: By having fewer administrators on your <\/span>AdWords MCC<span style=\"font-weight: 400;\">, there are fewer opportunities for abuse or takeover of your account.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Audit Account Users Frequently<\/b><span style=\"font-weight: 400;\">: Remove users from your MCC access list that are either former employees or were not invited to be an administrator.&nbsp;<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Educate Staff on Phishing Scams<\/b><span style=\"font-weight: 400;\">: Take the time to properly teach your team how to identify fake emails and phishing scams involving Google Ad accounts.&nbsp;<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Use Bookmarks on Your Browser for Official Website Logins<\/b><span style=\"font-weight: 400;\">: Ensure that you only access Google Ads through the official website; do not visit a fake Google Ads login page.&nbsp;<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Watch for Sudden Spikes in Advertiser Spend:<\/b><span style=\"font-weight: 400;\"> Be alert for unusual advertising spend, as this may indicate that your advertiser&#8217;s account has been hacked.&nbsp;<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Enable Login Alerts on Your Account<\/b><span style=\"font-weight: 400;\">: Set up login alerts to receive an email when someone logs in to your account using a new device or location.&nbsp;<\/span><\/span><\/li>\n<\/ul>\n\n\n\n<style>\n  .threatcop-banner {\n    background-color: #02022e;\n    border: 2px solid #00bf63;\n    border-radius: 12px;\n    padding: 12px 24px;\n    display: flex;\n    justify-content: space-between;\n    align-items: center;\n    max-width: 1100px;\n    margin: 20px auto;\n    color: #ffffff;\n    font-family: Arial, sans-serif;\n  }\n\n  .threatcop-banner-text {\n    font-size: 18px;\n    font-weight: 500;\n  }\n\n  .threatcop-banner-button {\n    background-color: #00bf63;\n    color: #ffffff;\n    padding: 8px 20px;\n    border-radius: 8px;\n    text-decoration: none;\n    font-weight: 500;\n    white-space: nowrap;\n    transition: 0.2s ease;\n    font-size: 15px;\n  }\n\n  .threatcop-banner-button:hover {\n    opacity: 0.9;\n  }\n\n  @media (max-width: 768px) {\n    .threatcop-banner {\n      flex-direction: column;\n      text-align: center;\n      gap: 10px;\n    }\n  }\n<\/style>\n\n<div class=\"threatcop-banner\">\n  <div class=\"threatcop-banner-text\">\n    Discuss Your Organization\u2019s Human Risk Challenges\n  <\/div>\n  <a href=\"https:\/\/threatcop.com\/contact-us?utm_source=thrm_summerized_blog\" class=\"threatcop-banner-button\">\n    Book a Meeting\n  <\/a>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Final_Thoughts\"><\/span><span style=\"color: #000000;\"><b>Final Thoughts<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">The human trust represents the greatest number of threats to your ad accounts, rather than a technical vulnerability. Agencies that will do well in 2026 will view cybersecurity as an added value for their clients, rather than an IT hygiene issue. It can cost more than just money to click carelessly through the online world of<\/span> Google Ads scams<span style=\"font-weight: 400;\">; it can also cost you credibility.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Agencies that invest in continuous <a href=\"https:\/\/threatcop.com\/threatcop-security-awareness-training\">phishing-awareness training<\/a> using platforms like Threatcop position cybersecurity as a client value-add, not just IT hygiene.<\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Verizon&#8216;s Data Breach Investigations Report states that human elements, such as social engineering and phishing, are now the most common reason for security breaches. In many cases, the hacker does not break in; rather, the hacker is granted access to an account by the user. This shift explains the rise in Google Ads scams. Criminals [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":13565,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41,42],"tags":[],"class_list":["post-13555","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-attacks","category-cybersecurity-awareness"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Google Ads MCC Attacks: Phishing Targeting Manager Accounts<\/title>\n<meta name=\"description\" content=\"Google Ads scams are increasing as phishing attacks target manager accounts. Learn how MCC advertising accounts are compromised and how to protect your ad spend and clients.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google Ads MCC Attacks: Phishing Targeting Manager Accounts\" \/>\n<meta property=\"og:description\" content=\"Google Ads scams are increasing as phishing attacks target manager accounts. Learn how MCC advertising accounts are compromised and how to protect your ad spend and clients.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-17T09:57:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-19T09:02:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/02\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Threatcop\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Threatcop\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/\"},\"author\":{\"name\":\"Threatcop\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/e4db27ffd37219d73fc6b40cc9d45cfa\"},\"headline\":\"Google Ads MCC Takeover Attacks Are Rising\u2014How Phishing Scams Are Targeting Manager Accounts\",\"datePublished\":\"2026-02-17T09:57:54+00:00\",\"dateModified\":\"2026-05-19T09:02:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/\"},\"wordCount\":1019,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg\",\"articleSection\":[\"Cyber Attacks\",\"Cybersecurity Awareness\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/\",\"name\":\"Google Ads MCC Attacks: Phishing Targeting Manager Accounts\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg\",\"datePublished\":\"2026-02-17T09:57:54+00:00\",\"dateModified\":\"2026-05-19T09:02:03+00:00\",\"description\":\"Google Ads scams are increasing as phishing attacks target manager accounts. Learn how MCC advertising accounts are compromised and how to protect your ad spend and clients.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"Google Ads MCC Attacks Are Rising - Phishing scams\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/google-ads-scams-mcc-phishing\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google Ads MCC Takeover Attacks Are Rising\u2014How Phishing Scams Are Targeting Manager Accounts\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/e4db27ffd37219d73fc6b40cc9d45cfa\",\"name\":\"Threatcop\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/avatar_user_1_1696398433.jpeg\",\"caption\":\"Threatcop\"},\"sameAs\":[\"https:\\\/\\\/threatcop.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Google Ads MCC Attacks: Phishing Targeting Manager Accounts","description":"Google Ads scams are increasing as phishing attacks target manager accounts. Learn how MCC advertising accounts are compromised and how to protect your ad spend and clients.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/","og_locale":"en_US","og_type":"article","og_title":"Google Ads MCC Attacks: Phishing Targeting Manager Accounts","og_description":"Google Ads scams are increasing as phishing attacks target manager accounts. Learn how MCC advertising accounts are compromised and how to protect your ad spend and clients.","og_url":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2026-02-17T09:57:54+00:00","article_modified_time":"2026-05-19T09:02:03+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/02\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg","type":"image\/jpeg"}],"author":"Threatcop","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Threatcop","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/"},"author":{"name":"Threatcop","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/e4db27ffd37219d73fc6b40cc9d45cfa"},"headline":"Google Ads MCC Takeover Attacks Are Rising\u2014How Phishing Scams Are Targeting Manager Accounts","datePublished":"2026-02-17T09:57:54+00:00","dateModified":"2026-05-19T09:02:03+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/"},"wordCount":1019,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/02\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg","articleSection":["Cyber Attacks","Cybersecurity Awareness"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/","url":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/","name":"Google Ads MCC Attacks: Phishing Targeting Manager Accounts","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/02\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg","datePublished":"2026-02-17T09:57:54+00:00","dateModified":"2026-05-19T09:02:03+00:00","description":"Google Ads scams are increasing as phishing attacks target manager accounts. Learn how MCC advertising accounts are compromised and how to protect your ad spend and clients.","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/02\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/02\/Google-Ads-MCC-Attacks-Are-Rising-Phishing-scams-1.jpg","width":1920,"height":1080,"caption":"Google Ads MCC Attacks Are Rising - Phishing scams"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/google-ads-scams-mcc-phishing\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Google Ads MCC Takeover Attacks Are Rising\u2014How Phishing Scams Are Targeting Manager Accounts"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/e4db27ffd37219d73fc6b40cc9d45cfa","name":"Threatcop","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/10\/avatar_user_1_1696398433.jpeg","caption":"Threatcop"},"sameAs":["https:\/\/threatcop.com"]}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/13555","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=13555"}],"version-history":[{"count":17,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/13555\/revisions"}],"predecessor-version":[{"id":14520,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/13555\/revisions\/14520"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/13565"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=13555"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=13555"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=13555"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}