Be Alert: Watch Out For Google Forms Phishing Scam

How Not to Fall for the New Official-Looking Google Forms Phishing Scam

Be on the lookout for scammers trying to impersonate Google. The scammer takes advantage of the Google Forms option for “Response Receipts.” These emails are sent from the address “forms-receipts-noreply@google.com”, which is Google's official, legitimate address.

I received TWO emails in the last 5 days. See here:


Phishing is when attackers send malicious emails designed to trick people into falling for a scam. The intent is often to get users to reveal financial information, system credentials or other sensitive data.

Phishing is an example of social engineering: a collection of techniques that scam artists use to manipulate human psychology. Social engineering techniques include forgery, misdirection and lying—all of which can play a part in phishing attacks. On a basic level, phishing emails use social engineering to encourage users to act without thinking things through.

Proof of point


Usually, I just mark as spam anything that tells me I have free money, but I was curious that the sender used ‘google.com’. That’s an impersonation of Google.

Then it occurred to me that it’s a continuation of what happened last year with Google Calendar and Google Drive. It’s an abuse of Google’s official services in an attempt to appear legitimate.

How the Scam Works

You will get an email pretending that you had previously filled out something official with Google when in fact you have not. You are now simply receiving an email asking you to fill out your email address and to click a link to verify. The email catches your attention because when you check the “From” field of the email, you see that it’s officially from Google. So you could end up filling it out and clicking the link, not knowing that the contents of that form are not from Google.

As soon as you fill out the form and click the link, part of the scammer's job is done. The link could lead anywhere: it could ask you for personal information you had not previously supplied, or lead to any number of other fraudulent attempts, as revealed in the Forbes article exposing Hushpuppi.

The strange part is that these small-time scammers have Google unknowingly doing their dirty work by creating these form receipts as an automatic feature of Forms.


How to Protect Yourself

  1. There are no free rides. Resist thinking that strangers you have never interacted with on the internet love you so much that they want to send you freebies, including money. That kind of mindset is uniquely suited to scammers who would lure you into financial disasters.

  2. Recognize that just because you’ve received an email receipt doesn’t mean you requested one! Your email address could be entered into anything, and you’d receive a signup email or a receipt confirming it. When it comes to Forms, remember that if it’s a RECEIPT, it shouldn’t be asking you for anything. Nothing — not your email address, not additional action via a link — nothing. A receipt, whether malicious or not, is simply a record of previous actions, not a request for new ones.

  3. Always report. At the bottom of the form receipt email, you’ll notice a “Report Abuse” button. Clicking it takes you to a Google form where you can report fraudulent behaviour. You can click this without concern because the form receipt was supplied by Google (just don’t click anything in the form body!). Select the “Spam, malware, or ‘phishing’ (fake login)” option, then click the blue “SUBMIT ABUSE REPORT” button.

  4. Mark the email as spam and delete it in the spam folder. Enough people doing this will alert the spam filtering algorithm of the Email Service Providers.

  5. Be Vigilant. Whether you face this regularly or not, you should remain vigilant and only click on stuff you can absolutely trust. Scammers are becoming inventive so you can receive emails from official sources that contain unofficial stuff like this.
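
The rule from point 2, that a receipt should never ask you for anything, can be turned into a simple mail-triage check. This is an added example, not part of the original post; the phrase list, the Google-only link rule and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

RECEIPT_SENDER = "forms-receipts-noreply@google.com"  # address named in the post
TRUSTED_SUFFIX = "google.com"  # assumption: a receipt should only link to Google
# Assumption: illustrative phrases only; tune them for your own mail flow.
REQUEST_PHRASES = ("verify", "click", "claim", "confirm your")
URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.I)

# Constructed sample message; the domain and wording are invented.
SAMPLE = """From: Google Forms <forms-receipts-noreply@google.com>
To: user@example.org
Subject: Your form response receipt

Thanks for filling out this form.
You have unclaimed funds. Click https://google.com.payout.example/claim to verify.
View form: https://docs.google.com/forms/d/e/PLACEHOLDER/viewform
"""


def is_google_host(host):
    """Exact or dot-bounded suffix match, so google.com.payout.example fails."""
    host = (host or "").lower().rstrip(".")
    return host == TRUSTED_SUFFIX or host.endswith("." + TRUSTED_SUFFIX)


def triage_forms_receipt(raw):
    """Return findings for a Forms receipt; [] if clean or not a receipt."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if sender != RECEIPT_SENDER:
        return []  # not a Forms receipt, out of scope for this check
    body = ""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            payload = part.get_payload(decode=True) or b""
            body += payload.decode(part.get_content_charset() or "utf-8", "replace")
    findings = []
    for url in URL_RE.findall(body):
        host = urlsplit(url).hostname
        if not is_google_host(host):
            findings.append(f"off-Google link: {host}")
    for phrase in REQUEST_PHRASES:
        if phrase in body.lower():
            findings.append(f"receipt asks for action: '{phrase}'")
    return findings
```

A legitimate sender address alone tells the check nothing, which is why it inspects the body: the attacker-controlled text lives in the form answers that Google echoes back in the receipt.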

Stay safe out there, friends!
