An email with the attached Google Form, (Source: Proofpoint)
Fraudsters are using Google Forms to target retail, telecom, healthcare, energy and manufacturing companies in an apparent reconnaissance campaign to identify targets for follow-up business email compromise attack. Unfortunately, Google services are often abused for malware distribution, credential phishing and, in this case, as part of email fraud. Google is often a trusted source in many organizations, so threat actors leverage that goodwill for their attacks, says Sherrod DeGrippo, senior director of threat research and detection at Proofpoint.
Researchers at Proofpoint note that the attackers are leveraging Google Forms to bypass email security content filters based on keywords.
Researchers at the security firm Proofpoint are tracking several fraud schemes leveraging COVID-19 vaccine-themed emails.
The schemes include business email compromise scams, messages with malicious attachments used to deliver malware and phishing emails designed to harvest credentials - including usernames and passwords for Microsoft Office 365, according to Proofpoint.
The Proofpoint report notes social engineering attacks leveraging vaccine themes have increased over the last two months as pharmaceutical companies have ramped up production (see: Many actors across most geographies are continuing to leverage COVID-19 social engineering, which is an extension of a trend we ve observed since January 2020, says Sherrod DeGrippo, senior director of threat research and detection at Proofpoint