The most recent investigation from Kaspersky showed that cybercriminals are now using Google Forms, a genuine and well-reviewed product in Google’s ecosystem, to carry out a sophisticated phishing operation aimed at bitcoin users.
A recent investigation discovered the scam, which starts with scammers entering victims’ email addresses into Google Forms that have already been set up. In order to give it an air of legitimacy and get past the majority of spam filters, Google’s infrastructure automatically sends a confirmation email with official Google branding, layout, and form data to the unwary recipient after the submission.
Olga Kovtun, a cybersecurity expert at Kaspersky, responded to the investigation’s conclusions by saying that the attackers had designed this form submission confirmation to seem like a message from a cryptocurrency transaction provider.
“It indicates a sum to be paid out and urges the user to click a link to claim it before the offer expires,” Kovtun added.
The victim is taken to a phony page that imitates a cryptocurrency wallet or exchange portal after clicking the link. In order to get a fictitious transfer, customers are asked to pay a bitcoin “commission” charge there. The victim’s money being lost to fraudsters is actually the sole transaction that takes place.
In order to evade detection, the attackers are using Google’s infrastructure and reputation, according to a Kaspersky analyst.“By crafting fraudulent submission confirmation emails that mimic legitimate notifications from crypto exchanges, attackers used the platform’s credibility to bypass email filters and lure victims into divulging sensitive wallet credentials,” Kovtun averred.
The company issued a warning, stating that as digital currencies have grown in popularity, their owners have become prime targets for increasingly inventive assaults. This most recent operation serves as an example of how reliable technologies may be used as weapons to trick consumers and steal digital assets.
Kaspersky advised users to be on the lookout for odd details in emails, like unexpected references to Google Forms or unidentified transactions; to avoid clicking on links in unsolicited or unexpected emails, even from what appear to be official sources; and to confirm the source of all notifications pertaining to cryptocurrencies by directly accessing wallets or exchanges through official apps or websites.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
