CyberNews Briefs

Google Forms Abused to Phish AT&T Credentials

A new campaign utilizing Google Forms to impersonate popular brands such as Office 365, Wells Fargo, and Microsoft OneDrive has been discovered. The phishing attacks aim to collect credentials from targets, utilizing a common technique in which recipients of the phishing emails are re-directed to fraudulent login pages masquerading as legitimate services. The login pages pretend to belong to more than 25 different companies, brands, and government agencies.

Researchers have found 265 different Google Forms used in the attacks. The Google Forms are likely sent through email and use sophisticated social engineering tactics to lure victims into clicking on malicious files. According to researchers, more than 70% of the forms purported to be from AT&T. Zimperium researchers published an analysis on Tuesday claiming that the links remain active for several months despite being added to public phishing databases.

Read More: Google Forms Abused to Phish AT&T Credentials

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.