How to Stop PPC Account Hacking

In the office, you boot up your PC and log into AdWords. Conversions look normal. CTR isabout the same. Then you move on to clicks. Uh oh. Where did all these clicks come from?! You don't even want to look at the costs but you have to. Too bad. Yesterday you paid an extra $4,000 for the same conversions you got each day before that. What happened?!

Oftentimes, there's no explanation except hackers. Look around your account and you may be able to find a campaign or ad group that is linking to an illegitimate domain of some kind. If that's not the case, try to verify that the costs weren't your fault before contacting Google. You may have entered the wrong bid by mistake.

If you haven't fallen victim yet, there are some things you should do to stop PPC account hacking.

Create strong passwords. Use letters, numbers and characters. Don't use anything that relates to you, such as birthdays, hobbies, teams, etc. This is the most-cited tip for preventing PPC account hacking.

  • Keep your computers protected with antivirus and anti-malware. Make sure your software is up to date.

  • Keep your passwords stored somewhere safe. On paper, instead of online, is preferable. Share the document only with people you absolutely must share it with.

  • Use different passwords for every account. Don't use the same for your email, your AdWords, your Facebook, etc.

  • Don't open files or click links from anyone you shouldn't be receiving them from. You could end up with malware on your machine.

  • Don't share identifying information publicly. Keep in mind that anything you share could go public one way or another. Don't make it easy for the wrong person to get your address, billing zip code or other information.

  • Don't fool around with disreputable, unsecured sites. If a site doesn't look legitimate, don't fill out any forms there. Every time you do fill out a form with sensitive information, make sure it's secured. You should see "https" in the address (url). If there's no "s," it's not secure.

  • Don't click on popups or ads you have a funny feeling about. Most websites host ads that meet strict guidelines (such as Adwords' guidelines). Some don't, though. Start to train your eye so you don't end up clicking on an ad from sketchy sources. 

  • Don't use "home" network settings when in public. You don't want to accidently allow someone to view your screen, which is allowed by a default setting for some Windows machines. Each time you connect to a network, your machine should ask you which settings to use.

  • Enable two-step verification. This is when you have a code sent to your phone or email address (in most cases) and then enter it into the account. AdWords requires this but securing other accounts will help you protect yourself, since accounts are sometimes linked. If you notice that one of your accounts doesn't have this set up, peruse the settings and try to get it done.

To prevent AdWords hacking, one must take the proper precautions. Everyone is at risk but taking the above steps reduces that risk by leaps and bounds. PPC account hacking is much more common than we'd like but you have the power to block all but the most experienced hackers.

Need help with PPC lead generation? At isoTree, our experienced team specializes in boosting revenue while keeping costs down. We even created proprietary software, called Optimalad, to help us do the best possible job. Click here to get in touch with us.

David Kalla