As the Western hemisphere heads into the colder months, COVID-19 cases and the cyberattacks themed around them tend to rise gradually.
Phishing campaigns are one such attack: crooks theme their templates around COVID-19 to lure people into handing over sensitive information. The latest campaign, spotted by INKY, is built around COVID-19 grants to US small businesses and uses Google Forms.
Leveraging Google Forms for Phishing Attacks
Researchers at INKY, an email security firm, have tracked a new phishing campaign in which the crooks use Google Forms to collect sensitive data. They noted that malspam volumes doubled in September compared to the previous three months, and warn of a further rise.
The latest campaign impersonates the U.S. Small Business Administration (SBA) on the theme of offering grants to COVID-19-affected small businesses in the country. Threat actors are using Google Forms to host their phishing pages, with fake support programs such as the "Paycheck Protection Program", "Revitalization Fund", and "COVID Economic Injury Disaster Loan."
Hackers exploiting form builders for their campaigns isn't new, as these services give them free hosting, encrypted data traffic, and brand recognition. And since the US SBA ran similar programs in the past, the crooks' campaign gains some credibility.
The phishing email asks recipients to apply for the program by clicking on an embedded button, which leads to a phishing form built on Google Forms. The form fields ask for their Google account credentials, SSNs, EINs, state ID and driver's license details, and bank account number.
Once the form is filled in and submitted, all these sensitive details are sent to the threat actors, who may use them for other malicious purposes. Given the danger, business owners are advised to remain vigilant and treat all incoming messages offering financial support with suspicion.
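For mail filtering, the pattern described above (SBA relief wording combined with a link to a Google Forms page) can be checked mechanically. The following Python is an added example, not code from INKY or from the article; the sample messages are constructed, and the function names, keyword list and host check are assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Lure wording taken from the programs named in the article.
LURE_TERMS = ("small business administration", "paycheck protection program",
              "revitalization fund", "economic injury disaster loan")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample messages (not real campaign mail).
PHISH_SAMPLE = """\
From: "SBA Grants" <support@example.net>
Subject: COVID Economic Injury Disaster Loan application
Content-Type: text/html; charset="utf-8"

<p>The U.S. Small Business Administration is accepting applications.</p>
<a href="https://docs.google.com/forms/d/e/CONSTRUCTED-ID/viewform">Apply</a>
"""
BENIGN_SAMPLE = """\
From: "SBA" <news@updates.sba.gov>
Subject: Paycheck Protection Program update
Content-Type: text/plain; charset="utf-8"

Details: https://www.sba.gov/funding-programs/loans
"""

def is_google_form(url):
    """True for links served by Google Forms (full or short-link host)."""
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    return host == "forms.gle" or (
        host == "docs.google.com" and parts.path.startswith("/forms/"))

def analyze(raw):
    """Flag mail that uses SBA relief wording but sends the reader to a Google Form."""
    msg = message_from_string(raw, policy=policy.default)
    text = str(msg["Subject"] or "")
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            text += "\n" + part.get_content()
    lures = [t for t in LURE_TERMS if t in text.lower()]
    form_links = [u for u in URL_RE.findall(text) if is_google_form(u)]
    # The From header is unauthenticated; report it as context, not proof.
    sender = parseaddr(str(msg["From"] or ""))[1].rpartition("@")[2].lower()
    return {"lures": lures, "form_links": form_links, "sender_domain": sender,
            "suspicious": bool(lures and form_links)}
```

A hit is a reason to quarantine or review the message, since legitimate Google Forms links are common and the keyword list only covers the programs named here.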