Google Forms Exploited by BazarCall Scammers in Sophisticated Phishing Scheme
The BazaCall phishing scammers have started using Google Forms to enhance the credibility of their attacks. By impersonating popular subscription services like Netflix and Norton, the scammers send emails urging targets to contact a support desk to dispute or cancel a plan. In the latest attack variant, a Google Form is used to share details of the supposed subscription, with response receipts enabled to send a copy of the form to the target. The use of Google Forms and dynamically generated URLs helps bypass traditional security measures. In a separate phishing campaign, recruiters are being targeted with direct emails that lead to the More_eggs JavaScript backdoor, attributed to a financially motivated threat actor known as TA4557.
- BazaCall Phishing Scammers Now Leveraging Google Forms for Deception The Hacker News
- BazarCall attacks abuse Google Forms to legitimize phishing emails BleepingComputer
- This sneaky malware hijacks Google Forms to demand money in nasty phishing scheme TechRadar
- Scammers Weaponize Google Forms in New BazarCall Attack HackRead
- Google Forms Used in Call-Back Phishing Scam tripwire.com
Reading Insights
0
0
2 min
vs 3 min read
80%
582 → 116 words
Want the full story? Read the original article
Read on The Hacker News