I know you might be wondering how Google Forms Is Gradually Becoming the Favorite Tool for Cyber Criminals. The fact is that experienced cybercriminals are now using Google forms to complement their attack setup.
Cybersecurity researchers have also been able to identify over half a dozen of ways in which cyber scammers and malware operators overuse Google Forms, as part of a wide range of attacks.
The researchers at Sophos discovered cybercriminals’ affinity for Google Forms while researching how malware operators were evading detection by increasingly adopting encrypted communication protocols.
Google Forms Is Gradually Becoming the Favorite Tool for Cyber Criminals
Some analysis from TechRadar shows that while most abuse of Google Forms by cyberattackers remains firmly in the low-skill phishing and fraud spam space.
There are also increasing signs that adversaries are taking advantage of the platform for more sophisticated attacks,” shared Sean Gallagher, the senior threat researcher at Sophos.
Gallagher adds that they have in fact spotted threat actors using Google Forms for everything from helping exfiltrate data to using it to host a malware command and control (C2) server.
Use and scoot
Sophos has identified seven malicious ways threat actors that use Google Forms to conduct their spiteful activities.
In addition to its use to facilitate traditional phishing campaigns, entry-level scammers use the online survey administration software’s ready-made design templates to craft fake e-commerce pages to steal payment details.
“According to Gallagher”, Google Forms offer cyberattackers an attractive proposition: the forms are easy to implement and trusted by both organizations and consumers.
He also added that traffic to and from the service is secured with Transport Layer Security (TLS) encryption so it can’t be easily inspected by defenders, and the whole setup essentially provides a free attack infrastructure.
The researchers add that it appears the attackers are conscious of Google’s policy of shuttering accounts that abuse its apps, including Google Forms, on a mass scale.
The researchers observed that the low-volume, targeted use of the service helps the abuse fly under the radar, and evade detection. You can get more details from this link.