According to researchers, fraudsters are abusing Google Forms via phishing campaigns that steal email logins. You can read more here: https://www.welivesecurity.com/en/scams/how-fraudsters-abuse-google-forms-spread-scams/
Here’s the TL:DR:
Malicious actors are always looking for ways to add legitimacy to scams and evade email security filters. Google Forms offers a great opportunity to do both. It is favored by cybercriminals because it is:
- Free, meaning threat actors can launch campaigns at scale with a potentially lucrative return on their investment
- Trusted by users, which increases the chances of victims believing that the Google Form they’re being sent or redirected to is legitimate
- A legitimate service, meaning that malicious Google Forms and links to malicious forms are often waved through by traditional email security tools
- Easy to use, which is good for users but also handy for cybercriminals – meaning they can launch convincing phishing campaigns with very little effort or prior knowledge of the tool
- Cybercriminals also take advantage of the fact that Google Forms communications are encrypted with TLS, which may make it harder for security tools to peer in and check for any malicious activity. Similarly, the solution often uses dynamic URLs, which may make it challenging for some email security filters to spot malicious forms.
Roger Grimes, data-driven defense evangelist at KnowBe4, commented:
“All public services like Google Forms, need to be better at defeating phishing attempts that use their product. I think most people can easily come up with a dozen signs that they can easily see in a message that indicates a scam. These services need to be doing more to fight cybercriminals using their products to conduct scams. Because they don’t, it causes trust issues and lessens the value of those products. Each of these services will tell you that they are already spending a bazillion dollars and lots of resources to fight scammers, but they simply aren’t doing enough. They are letting the revenue they are making by being bad at spotting cybercriminals get in the way of them better detecting and spotting scammers. It’s a business decision. One that isn’t being made correctly by many service providers and it’s unfortunate.”
This isn’t the first time that I’ve seen Google Forms used for nefarious purposes. And to Google’s credit, when I’ve reported a dodgy form, they’ve been quick to take it down. But it often pops up again in hours or days. I am not sure how Google addresses this, but they do need to address it.
Like this:
Like Loading...
Related
This entry was posted on April 23, 2025 at 1:20 pm and is filed under Commentary with tags ESET, Google, Scam. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Fraudsters Abuse Google Forms via Phishing to Steal Logins
According to researchers, fraudsters are abusing Google Forms via phishing campaigns that steal email logins. You can read more here: https://www.welivesecurity.com/en/scams/how-fraudsters-abuse-google-forms-spread-scams/
Here’s the TL:DR:
Malicious actors are always looking for ways to add legitimacy to scams and evade email security filters. Google Forms offers a great opportunity to do both. It is favored by cybercriminals because it is:
Roger Grimes, data-driven defense evangelist at KnowBe4, commented:
“All public services like Google Forms, need to be better at defeating phishing attempts that use their product. I think most people can easily come up with a dozen signs that they can easily see in a message that indicates a scam. These services need to be doing more to fight cybercriminals using their products to conduct scams. Because they don’t, it causes trust issues and lessens the value of those products. Each of these services will tell you that they are already spending a bazillion dollars and lots of resources to fight scammers, but they simply aren’t doing enough. They are letting the revenue they are making by being bad at spotting cybercriminals get in the way of them better detecting and spotting scammers. It’s a business decision. One that isn’t being made correctly by many service providers and it’s unfortunate.”
This isn’t the first time that I’ve seen Google Forms used for nefarious purposes. And to Google’s credit, when I’ve reported a dodgy form, they’ve been quick to take it down. But it often pops up again in hours or days. I am not sure how Google addresses this, but they do need to address it.
Share this:
Like this:
Related
This entry was posted on April 23, 2025 at 1:20 pm and is filed under Commentary with tags ESET, Google, Scam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.