COVID-19 Themed Phishing Campaign is Abusing Google Forms

COVID-19 Themed Phishing Campaign is Abusing Google Forms

Researchers at INKY have discovered a new phishing campaign themed around COVID-19 grants to small businesses in the US, using Google forms to steal sensitive data.

The threat actors are sending emails to offer grants on various COVID-19 schemes by impersonating as US Small Business Administration. And since the SBA had run similar programs in the past, the crooks’ campaign now gains weight.

COVID-19 Themed Phishing Campaign

Phishing campaigns are often the simple way for threat actors to gather sensitive information from their targets, and they do in numerous ways. The latest campaign tracked by INKY – an email security firm, revealed that threat actors are impersonating the US Small Business Administration (SBA) to steal data from small businesses in the US.

They used the COVID-19 grants as their theme for the campaign and start off by sending emails to small business owners in the US. They claim to offer pandemic financial support programs like the “Paycheck Protection Program”, “Revitalization Fund”, and “COVID Economic Injury Disaster Loan”, asking for sensitive details in return.

These include the owner’s Google account credentials, SSNs, EINs, State ID and driver’s license details, and bank account numbers. All these are asked to fill in Google Forms they share, which transports the submitted data safely back to threat actors.

Hackers abusing the form builders aren’t new, as they offer free hosting, encrypted data traffic, and brand recognition – like something from Google Forms. Well, in this campaign, they’re abused to steal sensitive data. The US SBA had previously run a similar campaign to offer grants to the COVID-19-affected businesses, thus adding weight to the crooks’ campaign now, even though there’s no such actual grant running now.

Business owners are advised to stay vigilant of such campaigns and proceed with caution against any information-seeking emails. The researchers have noted the malspam volumes have doubled in September compared to the previous three months and warn of it rising even more.

Other Trending News:-  News

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post
MediaTek Unveiled Dimensity 1080 to Power Next-Gen Budget Premium Phones

MediaTek Unveiled Dimensity 1080 to Power Next-Gen Smartphones

Next Post
Windows

Windows Enables Account Lockouts After Certain Failed Access Attempts

Related Posts