The Anti-Phishing Working Group (APWG) reports that scammers employ over 40,000 unique email subject lines each month, indicating a trend towards highly personalized phishing attacks. By gaining control of victims’ Google accounts through such tactics, criminals can set up more scams, including those targeting the cryptocurrency sector.
The Google Forms crypto scam is a perfect example of how cybercriminals use the widely trusted Google Workspace to trick people. In this post, we’ll explore this scam, show you how to detect it, and give you tips to protect yourself from this new threat.
Stay informed about the latest crypto news and scams to protect your digital assets and personal information effectively.
Need support after a scam? Join our community today.
What is Google Forms Crypto Scam?
The Google Forms crypto scam is a type of fraud where scammers use Google Forms to trick people into believing they’re participating in a legitimate activity, like a quiz. The scam typically involves asking victims to invest in cryptocurrency or reveal personal information.
How Do Google Forms Crypto Scams Work?
The scammers send these forms from the victim’s email account to make the scam look more believable and increase the chances of fooling other people. Here is how it works:
- Creation of Quizzes: Spammers use Google Forms to design quizzes, taking advantage of its features to manipulate the data collection process.
- Impersonation Using Victim’s Email: Scammers access responses using the email addresses of their planned victims, creating the illusion that the victims themselves have interacted with the form.
- Access to Responses: After the forms are submitted, the spammers can view all the collected responses.
- Activation of Release Scores Feature: Using the “Release scores” feature in Google Forms, the spammers send personalized emails to other potential victims.
- Use of Victim’s Google Account for Sending Emails: These emails are sent from the original victim’s Google account, which increases the chances of these emails avoiding spam filters and landing directly in the recipients’ inboxes, as they appear to be sent from a trusted server.
What Does a Google Forms Crypto Scam Look Like?
Here is an example of how scammers use Google Forms to manipulate victims into surrendering their personal details and digital assets like cryptocurrencies.
1. Initial Contact
- Subject Line: “Urgent: Confirmation Required for Account Activation”
- Email Content: The email motivates the receiver to click on a ‘Review Now’ button, claiming urgent action is required to activate their account.
2. Redirection to Fraudulent Form
- Action: Upon clicking the button, the victim is redirected to a fake Google Forms page.
- Appearance: This form is designed to copy a legitimate security check, asking for personal details to verify the victim’s identity.
3. Link to External Fake Site
- Promise: After submitting the form, victims are led to an external website claiming they have a pending transaction.
- Fake Offer: The site displays a false account balance of Ethereum worth over $30,000, awaiting activation.
4. Interaction with Live Chat Agent
- Agent Name: “Janet.”
- Process: Janet guides the victims through a verification process and informs them of a necessary transaction fee to release the funds.
- Assistance: Janet provides step-by-step assistance via live chat, improving the scam’s credibility.
5. Final Payment Request
- Fee Details: Victims are told they must pay a 0.22% transaction fee, amounting to $50, to unlock the Ethereum funds.
- Payment Method: A QR code is presented for the victim to scan and make the payment.
- Urgency: The scam emphasizes the urgency of the transaction to pressure the victim into paying the fee quickly.
Read about fraud detection techniques and see examples of how they prevent scams and protect your assets.
Have questions about dealing with scams? Contact us for support.
Google Forms Scam Case: The Unexpected Tool for Bitcoin Scammers
Cisco Talos, a cybersecurity firm, has uncovered a complex Bitcoin scam that uses Google Forms. This scheme has used the quiz feature within Google Forms to avoid traditional security measures and deceive victims.
Here’s a breakdown of the essential details and implications of this scam.
Key Details of the Scam
Cybercriminals create fake Google Forms quizzes and use them to send spam emails from Google’s servers, effectively evading anti-spam technology. Victims who receive these emails are led to external websites with the promise of accessing cryptocurrency gains.
In one reported case, victims were deceived into believing they could claim over 1.3 Bitcoin, approximately valued at $46,000, purportedly earned from “automatic cloud Bitcoin mining.”
Victim Interaction and Financial Demands
The scam websites are well-designed, featuring functionality such as pre-filled login credentials and active group chats to simulate a legitimate trading platform. The ending step of the scam involves tricking victims into paying a $64 “exchange fee” to release the non-existent Bitcoin.
Current Impact and Responses
As of the latest updates, no transactions have been recorded in the Bitcoin wallets linked to this scam, suggesting that potential victims might be becoming more cautious. This shows that people are becoming more aware of the risks of cyberspace.
How Has Google Responded?
Google has responded to these threats by removing identified scam applications and implementing measures to prevent similar scams in the future. But the persistence of such fraudulent activities shows that all internet users need to be vigilant.
The fight against the Google Forms crypto scam is a team effort. We can all benefit from sharing our experiences and knowledge to build a safer digital world. Each time we expose a scam, we reduce the effectiveness of these fraudulent tactics.
Tips to Avoid Google Forms Crypto Scams
Protect your digital information from Google Forms crypto scams by following these security measures:
- Enable Two-Factor Authentication: Add an extra layer of security to your Google account to help keep it safe from unauthorized access.
- Check Form Sources: Make sure the Google Form is from someone you trust before you fill it out to avoid phishing.
- Control Form Access: Only share forms with people who need them, and keep them private whenever possible.
- Watch for Strange Emails: Be wary of unexpected emails that say you’ve won something or taken a quiz. Don’t click on links or attachments in these emails.
- Check Sender Details: Look at the sender’s email and the link URL. If they don’t look like they’re from Google, they might be fake.
- Keep Your Info Safe: Don’t enter your personal or financial information on websites you don’t trust.
- Use Antivirus Software: Keep your antivirus software updated to help catch and block suspicious websites and emails.
Detect Suspicious Emails to Prevent Crypto Scams
At CryptoScam Defense Network, we are committed to informing, sharing, helping, and building a community to strengthen our collective defense against cyber threats. Stay connected and continue the conversation—our combined vigilance is a crucial tool in this fight.
It’s important to remember that reporting scams can greatly help others. Stay informed and share your experiences.
We Want to Hear From You!
Fraud recovery is hard, but you don’t have to do it alone. Our community is here to help you share, learn, and protect yourself from future frauds.
Why Join Us?
- Community support: Share your experiences with people who understand.
- Useful resources: Learn from our tools and guides to prevent fraud.
- Safe space: A welcoming place to share your story and receive support.
Find the help you need. Join our Facebook group or contact us directly.
Be a part of the change. Your story matters.
Frequented Ask Question (FAQ) About Google Forms Crypto Scam
Is Google Forms Safe to Use?
Yes, Google Forms is generally safe to use. It offers several security features to improve the protection of data collected through its platform. These include:
- Encryption of data, both during transfer and when at rest.
- Automatic saving of form responses.
- Access controls that restrict who can view or edit the forms.
These measures help ensure that the data remains secure, although users should still be vigilant about privacy settings and data sharing practices.
Can Google Forms Have Malware?
Google Forms itself is hosted by Google and is designed to collect information through various input methods like text boxes and radio buttons. While no online platform can be fully guaranteed secure, it is highly improbable for Google Forms to directly transmit malware.
However, if a form contains a malicious link, and you click on it, there is a risk of malware infection. Therefore, while the form itself typically isn’t a threat, caution is advised regarding external links that may be included in it.
How Do I Know If a Google Form Link is Legit?
To verify the legitimacy of a Google Form link, you can use Google Transparency Report. Simply right-click on the link you want to check, select “copy” from the context menu, and then paste the copied URL into the Google Transparency Report’s URL checker. This tool will help you determine if the link is safe or potentially malicious.
Why is It Important to Check the Safety of a Link Before Clicking?
Checking a link’s safety is very important because phishing attacks often use seemingly legitimate links to deceive you into visiting malicious websites. These sites can look incredibly real, mimicking trusted entities like your bank or a popular website.
What happens if I Click On an Unsafe Link?
If you click on a phishing or unsafe link, you might be redirected to a fake website where you’re asked to enter sensitive information, such as login credentials. Sharing your information on these websites can lead to account compromise.
Some malicious links can automatically download malware to your device, which can steal data or cause other security problems.
You can learn about 7 things that could identify a phishing email and avoid falling victim to this type of scam.
Photos via Unsplash.
