Threat actors have been facilitating new spam attacks by exploiting the quiz results functionality of Google Forms, SiliconAngle reports.
Attacks involve the use of the option enabling later release of grades to compel email address collection from respondents, as well as the activation of other settings to evade spam blockers, according to a report from the Cisco Talos Intelligence Blog. Individuals targeted by the spam attacks will then be redirected to a legitimate-looking cryptocurrency site seeking additional forms for a free bitcoin.
Despite the elaborate scheme, no bitcoins were found to have been collected by the attackers, noted researchers.
"The amount of setup work necessary to conduct a spam attack such as this, combined with the extraordinary attention to detail put into the social engineering for the subsequent cryptocurrency scam, demonstrates just how far cybercriminals will go when it comes to separating victims from even a small amount of money," said researcher Jaeson Schultz.
Phishing, Cloud Security
Google Forms’ quiz exploited in spam attacks
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds