Cybercriminals will take advantage of any opening you give them. Offer them access to your device or accounts with a weak password or security flaw and they’re all over it. If they get in, you’ve got a lot to lose.
It can be tough to fend off these kinds of attacks. Scammers are always looking for new ways to take advantage of people, and they’ve been out in droves since the start of the pandemic. It’s only going to get worse, too.
In fact, a dangerous new phishing technique was recently identified. This method uses Google technology, like Firebase or Google Docs, to take advantage of unsuspecting victims, and you need to be on the lookout for it. Here’s what you need to know.
The new Google tech scams
There are tons of ways that cybercriminals target people, but one of the techniques involves using legitimate technology to trick people into trusting them. According to Armorblox, scammers have recently been using targeted phishing campaigns that rely on Google’s trusted name to get around security measures and exploit victims.
These scams are successful because they weaponize various Google services, like Google Forms or Google Docs, which most victims have come to know and trust. There are several ways the scammers are employing these methods, including:
1. Using Google Forms for American Express credential phishing
One phishing email identified by Armorblox uses Google Forms to impersonate American Express Customer Care agents. These fake agents will tell victims via email that they left out information while validating their AmEx card. Emails also include a Google Form link the recipient is asked to follow to fill in the information and “validate” their card.
If you click on the link, you’ll be asked to put in your AmEx credentials, card details and even your mother’s maiden name. This info goes right into the hands of the scammers.
Using Google Forms helps get around any security filters that block known bad links or domains. Google’s domain is viewed as trustworthy, and Google Forms is used for legitimate reasons, too, so email filters won’t automatically block links to it.
2. Using Google Forms for fake benefactor giveaways
Another Google Forms scam uses emails sent by a supposed childless widow who wants to part with large sums of money but has no one to disburse it to. Interested parties are told to click the link in the email or reply to the email address in the email body to be considered for the disbursement.
If you click on the link, you’ll be taken to a Google Form with an untitled question and one answer option. If you reply to the email address or answer the one question on the form, you’ll be on the scammer’s shortlist of potential victims to target in the future.
This may seem like a pointless scam, but it’s a common technique used at the start of targeted email attacks. Those who fall for it will be targeted by follow-up emails from the fake widow.
3. Using Google Firebase to impersonate security teams
Another scam method involves Google Firebase. It’s Google’s mobile platform used to create apps, host files and images and serve user-generated content. With this method, scammers will send out emails stating that the recipient hasn’t received a “vital” email due to a storage quota issue.
These emails include a link asking the victim to verify personal information and resume the email delivery. Otherwise, the email warns, the result will be email suspension and lost data. When the link is clicked on, the victim will be taken to a fake login page hosted on Firebase. This strategy is used because Firebase is deemed legitimate by security filters.
4. Using Google Docs for payslip scams
Scammers are also using Google Docs to impersonate an organization’s payroll team and send emails with payslip details to victims. These emails tell recipients that they need to confirm whether the personal information listed on the payslip is accurate.
The email link leads to a page hosted on Google Docs, which won’t be blocked by any email security filter or raise suspicion because many companies use Google Docs in day-to-day business.
5. Using Google Sites for Microsoft Teams credential phishing
Another method pairs a phishing page on Google Sites with fake emails claiming to originate from a company’s IT team. These emails ask recipients to read over a secure message from a colleague, which was supposedly shared via Microsoft Teams.
Click the link and you’ll be taken to a page that looks like Microsoft Teams, which then redirects to a phishing site resembling the Office 365 login portal. This fake Office 365 site is hosted on Google Sites, which doesn’t arouse suspicion from recipients or security filters. But if you enter your credentials into this fake site, you’re handing them right over to scammers.
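All five campaigns place the lure on a Google host that reputation filters trust, so a useful check looks at what kind of Google page a link points to rather than at the domain alone. The following is an added example (not from the article or from Armorblox) that flags links to user-published Google pages in a message naming one of the impersonated brands; the hostname list, brand list and sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed hostnames (not from the article) that serve user-published content.
USER_CONTENT = {
    "docs.google.com": "Google Docs/Forms",
    "forms.gle": "Google Forms",
    "sites.google.com": "Google Sites",
    "firebasestorage.googleapis.com": "Firebase",
    ".web.app": "Firebase",          # leading dot = match any subdomain
    ".firebaseapp.com": "Firebase",
}
# Brands the article reports as impersonated in these campaigns.
BRANDS = ("american express", "amex", "microsoft teams", "office 365")

# Constructed sample message body; "EXAMPLE" is a placeholder form id.
SAMPLE = """<p>American Express Customer Care: we could not validate your
card. <a href="https://docs.google.com/forms/d/e/EXAMPLE/viewform">Validate
now</a> or visit <a href="https://www.americanexpress.com/">our site</a>.</p>"""

class LinkCollector(HTMLParser):
    """Collects link targets and the visible text of an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self.text = [], []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.links.append(href)

    def handle_data(self, data):
        self.text.append(data)

def hosted_service(url):
    """Name the Google user-content service behind a URL, else None."""
    host = (urlsplit(url).hostname or "").lower()
    for pattern, name in USER_CONTENT.items():
        if host == pattern or (pattern.startswith(".") and host.endswith(pattern)):
            return name
    return None

def triage(html_body):
    """Flag links to user-published Google pages in mail naming another brand."""
    parser = LinkCollector()
    parser.feed(html_body)
    text = " ".join(" ".join(parser.text).lower().split())
    brands = [b for b in BRANDS if b in text]
    return [(url, hosted_service(url), brands)
            for url in parser.links if hosted_service(url) and brands]
```

A hit from `triage` is a reason to review the message, not proof of phishing, since the same hosts carry legitimate forms and documents.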
How to protect yourself from these scams
These attacks are just the tip of a deep iceberg. Scammers are really good at using Google services to get around security filters, so you need to know how to keep from falling victim to these types of scams.
To avoid being scammed, you should never click on links from unsolicited emails. If you receive an email from someone you know, confirm that they sent the link or attachment before clicking. If you don’t know the sender, don’t click the link. And double-check that any internal company emails actually came from the real source.
Before clicking links, you should also hover over the link to see the address it will send you to. This will give you a good idea of what you’re about to click on (and whether it’s safe to do so).
If something sounds too good to be true, it probably is. Widows will not be contacting you via email or Google Forms to be your benefactors. Ultimately, the best way to protect yourself is to take the time to fact-check information. Make wise decisions about the sites you visit and the information you hand out over the web.