Beware!! Hackers Abuse Google Forms to Conduct Phishing Attacks

Recently, the threat actors have disguised more than 25 various companies, including different brands and government offices. The cybersecurity researchers asserted that the threat actors could perform any possible way to convince that they are legitimate. 

In this incident, the hackers have used 265 Google Forms in an attempt to steal user passwords and credentials.

The researchers also noticed that cybercriminals mistreat the trust people they have in the google.com domain to attract them into delivering their password and login credentials through a genuine-looking Google Form.

Targeted companies

According to the report that has been given by the researchers, there are more than 70 percent of the sites that have been targeted by AT&T. And here we have provided the full list of targeted companies, brands, and government agencies below:-

  • AOL (America Online)
  • AT&T
  • Binance
  • BT Group (British Telecommunications)
  • Capital One
  • Citibank
  • European Union – Foreign Direct Investments
  • GESupplier.com
  • Google Docs
  • IRS (Internal Revenue Service)
  • Mexican Government
  • Microsoft OneDrive
  • Microsoft Outlook
  • Oca Card
  • OneDrive
  • Office 365
  • Pôle Emploi
  • SBC
  • Sir
  • Sky – TATA
  • Swisscom
  • T-Mobile
  • Trust Wallet
  • Web.de
  • Wells Fargo
  • Yahoo
  • Zimbra

Google Form Phishing

Google Forms is a review administration app included in the Google Docs Office Suite and Classroom simultaneously with Docs, Sheets, and Slides. 

Google Form for phishing has numerous other advantages:- 

  • The hosting of the domain doesn’t have to be determined by the attacker.
  • Existing under a Google domain bypasses the detection of reputation that are based on phishing detectors.
  • All the phishing detectors which are based on domain antiquity won’t operate on this site.
  • Google Forms also implement a justifiable SSL certificate that means the users that are relying on the “secure” implication of the browsers are easily misled at no cost.
  • Google Forms state automatically at the bottom of each form, “never submit password via Google forms,” but many victims often overlook this.

Upsurge of Phishing

The researchers stated that the number of phishing websites that are using HTTPS traffic increased from 12 percent in early 2019 to nearly 60 percent now. The rise in price is because of all new phishing techniques that are appearing quite often. 

However, Google Forms are very easy to perform, but at the same time, it arrives with the trust-building benefit of being hosted under the google.com domain. 

The Cybersecurity recognition training guides the users to watch out for all kinds of errors or tricks that can uncover a scam. The researchers also mentioned that most of the time, cybercriminals use the company’s logo and branding to resemble themselves more legitimate.

You can follow us on LinkedinTwitterFacebook for daily Cyber security and hacking news updates.

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Published by
Balaji N

Recent Posts

SSNDOB Marketplace Admin Jailed for Selling millions of Americans Data

In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii…

11 hours ago

Is Your Online Store Hacked in a Carding Attack? Here’s an Action Plan to Protect

Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using…

14 hours ago

Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and…

14 hours ago

New Android Malware Employs Various Tactics to Deceive Malware Analyst

In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of…

16 hours ago

DJvu Ransomware Mimic as Cracked Software to Compromise Computers

A recent campaign has been observed to be delivering DJvu ransomware through a loader that…

17 hours ago

Okta Hack: Threat Actors Downloaded all Customer Support System Users’ Data

In a pivotal update to the Okta security incident divulged in October 2023, Okta Security…

18 hours ago