Security News > 2022 > October > Google Forms abused in new COVID-19 phishing wave in the U.S.
In the latest attacks, phishing emails impersonate the U.S. Small Business Administration and abuse Google Forms to host phishing pages that steal the personal details of business owners.
The lures used in the phishing emails are for pandemic financial support programs like the "Paycheck Protection Program", "Revitalization Fund", and "COVID Economic Injury Disaster Loan.".
The emails entice recipients to apply for the program by clicking on an embedded button that takes them to a Google Forms page.
The phishing forms mimic the content SBA used in legitimate support programs, requesting the applicants to enter much of the same information.
Google Forms, which the threat actors abuse, contains a warning never to submit passwords on the platform, which is Google's attempt to minimize the effects of the abuse they know takes place on its forms builder.
Finally, the SBA would not request that information be submitted on Google Forms but rather directly on their site.