Subj : Google Forms exploited in crypto-stealing scam - here's what we k To : All From : TechnologyDaily Date : Fri Jul 25 2025 17:45:08 Google Forms exploited in crypto-stealing scam - here's what we know Date: Fri, 25 Jul 2025 16:32:00 +0000 Description: Google Forms can send notifications to people who fill questionnaires - and guess what scammers are doing. FULL STORY ======================================================================Crooks are sending out customized Google Forms notification emails The emails bypass filters and land in people's inboxes They state victims can claim crypto if only they pay commission fees Cybersecurity researchers Kaspersky have flagged that Google Forms is being abused in phishing emails targeting cryptocurrency owners. Google Forms is a free web-based application which allows users to create surveys , quizzes, and forms. Since it is a Google product, any notifications it generates generally bypass email protections and land into peoples inboxes - and cybercriminals are now exploiting this fact to try and get people to pay for a non-existing crypto transaction. Fake crypto site In these attacks, crooks create a questionnaire with a single slot for the email address. They submit the address themselves, after which the victim receives an emailed submission notification. This notification can also be customized, and the threat actors create it to look like a notification from a crypto transaction service. The email says the recipient has a pending payment that needs to be finalized before it expires. Clicking on the link provided in the email sends the victim to a fake crypto exchange site, where they need to contact support and make a commission payment to receive the transfer. Obviously, there is no support, no commission, and no transfer - the money they give away goes straight to the scammers and is lost forever. "This campaign demonstrates a cunning exploitation of a trusted and widely used platform to deliver scam attacks on cryptocurrency users, said Andrey Kovtun, Email Threats Protection Group Manager at Kaspersky. By crafting fraudulent submission confirmation emails that mimic legitimate notifications from crypto exchanges, attackers used the platforms credibility to bypass email filters, and also the victims unfamiliarity with its format to lure them into divulging sensitive wallet credentials. There is a critical need for users to verify email sources, scrutinize links and adopt robust security measures to protect their digital assets. With phishing emails, an old adage still stands - if something sounds too good to be true, it probably is. You might also like Thousands of PostgreSQL servers are being hijacked to mine crypto Take a look at our guide to the best authenticator app We've rounded up the best password managers ====================================================================== Link to news story: https://www.techradar.com/pro/security/google-forms-exploited-in-crypto-steali ng-scam-heres-what-we-know --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .