COVID-19 Themed Phishing Campaign is Abusing Google Forms

Researchers at Abnormal Security has documented a phishing attack done leveraging the Commissioner of Texas DSHS. Somehow, the attackers were able to send a carefully crafted e-mail to a computer parts supplier asking for a quotation for a few laptops and hard drives. Though this may have been thwarted, researchers spot the level of sophistication attackers herein reached.

Phishing Attackers Leverage Texas DSHS Commissioner Email

Phishing is one of the prominent means of attacking in the cyber world. While many just send a bulk of email to everyone at once, skilled fraudsters make time to do homework. They understand the target and craft an e-mail customized to him carefully, thereby increasing the chances of trapping him.

One such attack is reported recently by the Abnormal Security, an email security platform. The firm reported the incident where attackers have leveraged the name and email ID of John William Hellerstedt, the acting Commissioner of the Texas Department of State Health Services. The attacker herein has somehow captured his legit email and sent an email to a computer parts supplier.

Phishing email from scammer
The phishing email from the scammer

He crafted the email with an attachment of RFQ (Request for Quotation), asking the seller for a price question. The order details the requirement for 20 touchscreen laptops and 200 external hard drives. The email asks the supplier to respond with his quotation in 30 days, which drives him to decide quickly. Also, a place where the attacker has shown his sophistication is the email addresses.

While the sender’s email ID is mentioned to be as “”, the “Reply-to” email ID was set as “”. This is clever since the supplier if responded, would be replying to the attacker’s email mentioned. This would lead to a peaceful connection without needing the actual (sender’s) e-mail ID again.

Also, the attacker has mentioned the billing address and the contact phone number to be of actual department’s but didn’t specify the “Deliver to” address. This can be decided if the supplier (target) responds. The aim of this attack is to obtain free goods and profit by reselling them.

Other Trending News:-  News


Please enter your comment!
Please enter your name here