Security News > 2023 > December > BazarCall attacks abuse Google Forms to legitimize phishing emails
A new wave of BazarCall attacks uses Google Forms to generate and send payment receipts to victims, attempting to make the phishing attempt appear more legitimate.
BazarCall, first documented in 2021, is a phishing attack utilizing an email resembling a payment notification or subscription confirmation to security software, computer support, streaming platforms, and other well-known brands.
Email security firm Abnormal reports that it has encountered a new variant of the BazarCall attack, which now abuses Google Forms.
Google Forms is a free online tool that allows users to create custom forms and quizzes, integrate them on sites, share them with others, etc.
As Google Forms is a legitimate service, email security tools will not flag or block the phishing email, so delivery to the intended recipients is guaranteed.
Google shares "Fix" for deleted Google Drive files.
News URL
Related news
- Threat actors abuse Google Apps Script in evasive phishing attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- iOS devices face twice the phishing attacks of Android (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Phishers abuse Google OAuth to spoof Google in DKIM replay attack (source)
- Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials (source)
- Phishing emails delivering infostealers surge 84% (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)