ECONOMY & WORK
MONEY 101
NEWS
PERSONAL FINANCE
NET WORTH
About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
MARKETREALIST.COM / NEWS

Beware of the new Phishing Attack Which Uses Google Forms; Here's how the Tactic Works

BazaCall phishing scammers are stepping up their game by incorporating Google Forms into their deceptive campaigns. Evolving their tactics, they exploit false urgency and use dynamic URLs, making it challenging for traditional security measures to detect.
PUBLISHED DEC 31, 2023
The Google logo is projected onto a man on | Getty Images | Photo by Leon Neal
The Google logo is projected onto a man on | Getty Images | Photo by Leon Neal
The image of the Google logo is reflected on the eye of a young man | Getty Images | Photo by Leon Neal
The image of the Google logo is reflected on the eye of a young man | Getty Images | Photo by Leon Neal

Google and the services it offers from mail to documents to online forms as well as drive, have become integral parts of life for people working online. But this digital exposure and credibility that the tech giant offers, can also be exploited to fool unsuspecting victims. In a concerning development, the notorious BazaCall phishing scammers are adopting new tactics to enhance the authenticity of their malicious campaigns. Security experts have detected a shift in their modus operandi, with the threat actors now leveraging Google Forms to add a layer of credibility to their deceptive schemes.

The BazaCall phishing attacks, initially observed in 2020, have become more sophisticated with time. In these attacks, cybercriminals send emails disguised as legitimate subscription notices, prompting recipients to contact a so-called support desk urgently. The ruse is to dispute or cancel a fictitious plan, with potential charges ranging from $50 to $500.

To manipulate victims, the attackers induce a sense of urgency, urging targets to engage in a phone call. During this call, scammers convince victims to grant remote access using desktop software, claiming to assist in canceling the alleged subscription. Popular services like Netflix, Hulu, Disney+, Masterclass, McAfee, Norton, and GeekSquad are often impersonated to lure unsuspecting victims.

In the latest variant of BazaCall attacks, cybersecurity firm Abnormal Security has identified the use of Google Forms as a tool to collect details related to fake subscriptions. The attackers cleverly enable response receipts in the form, sending copies of the responses to the victim's email. This manipulation is designed to make the responses appear as payment confirmations for legitimate services, such as Norton Antivirus.

Sitting in front of computer terminals, young people send and receive e-mail at an internet cafe | Getty Images | Photo by Robert Nickelsberg
Sitting in front of computer terminals, young people send and receive e-mail at an internet cafe | Getty Images | Photo by Robert Nickelsberg

The choice of Google Forms introduces an additional layer of cunning, as responses originate from the trusted domain "forms-receipts-noreply@google.com." This tactic increases the likelihood of bypassing secure email gateways, enhancing the phishing campaign's effectiveness. Moreover, Google Forms' use of dynamically generated URLs makes it challenging for traditional security measures to detect and block threats, as these URLs constantly change.

The adoption of Google Forms by BazaCall scammers showcases their adaptability and willingness to exploit trusted platforms. This evolution in tactics, combined with the use of dynamic URLs, poses a significant challenge to conventional security measures. As threat actors continue to refine their methods, organizations and individuals must stay vigilant against phishing attempts to safeguard their sensitive information.

BazaCall's incorporation of Google Forms into their phishing attacks highlights the ever-changing landscape of cybercrime. The blending of social engineering tactics with trusted platforms highlights the need for continuous cybersecurity awareness and advanced threat detection measures. As the threat landscape evolves, security experts emphasize the importance of staying informed and adopting proactive security measures to mitigate the risk of falling victim to such deceptive schemes.

MORE ON MARKET REALIST
Verizon customers to get 'account credit' as compensation — here's how to claim it
NEWS
Verizon customers to get 'account credit' as compensation — here's how to claim it
About 1.5 million subscribers were affected by the seven-hour-long outage.
2 days ago
Trump may now target another nation after Venezuela that produces three times more oil
NEWS
Trump may now target another nation after Venezuela that produces three times more oil
The country in Trump's crosshairs accounts for roughly 4% of the global oil production.
2 days ago
'Family Feud' host Steve Harvey cracks risky joke about married life in response to an answer
FAMILY FEUD
'Family Feud' host Steve Harvey cracks risky joke about married life in response to an answer
Harvey made the joke at the risk of landing in trouble at home.
2 days ago
'Family Feud' player earns special high five from Steve Harvey for his controversial answer
FAMILY FEUD
'Family Feud' player earns special high five from Steve Harvey for his controversial answer
Harvey simply said "My Man!" as soon as he heard the player's response.
2 days ago
Trump admin is willing to pay $700 billion to buy Greenland — but there's a major problem
NEWS
Trump admin is willing to pay $700 billion to buy Greenland — but there's a major problem
As president Trump pushes for measures to acquire the island, new poll shows Americans aren't sure.
3 days ago
Trump confirms he's stopping federal funding to ‘sanctuary cities’ — is yours on the list?
NEWS
Trump confirms he's stopping federal funding to ‘sanctuary cities’ — is yours on the list?
Trump said starting Feb. 1, his administration will block funds, but he didn't provide specifics.
3 days ago
'Family Feud' host Steve Harvey stares down player over wild answer about habits of men
FAMILY FEUD
'Family Feud' host Steve Harvey stares down player over wild answer about habits of men
Harvey did not like the opinion about men that he heard from Maria.
3 days ago
'Family Feud' host Steve Harvey calls out popular celebs for having too many children
FAMILY FEUD
'Family Feud' host Steve Harvey calls out popular celebs for having too many children
Harvey didn't hold back and even went on to name some of the top celebrities.
3 days ago
Trump's proposed credit card cap might destroy GOP in midterms, predicts report
NEWS
Trump's proposed credit card cap might destroy GOP in midterms, predicts report
Senior editor Charles C.W. Cooke said the cap could destroy the GOP's chances in the midterms
4 days ago
House GOP floats one more 'Big Beautiful Bill' that could cut federal deficit by $1 trillion
NEWS
House GOP floats one more 'Big Beautiful Bill' that could cut federal deficit by $1 trillion
The proposed bill aims to tackle healthcare costs, and cut the federal deficit by $1 trillion.
4 days ago
Trump admin to release framework aimed at lowering health care costs for Americans
NEWS
Trump admin to release framework aimed at lowering health care costs for Americans
As ACA benefits expire, the president claimed his framework would reduce drug prices dramatically.
4 days ago
'Family Feud' host Steve Harvey stunned after hearing a player's wild answer about family
FAMILY FEUD
'Family Feud' host Steve Harvey stunned after hearing a player's wild answer about family
Harvey could not believe that the contestant could say that with her family around.
4 days ago
'Family Feud' team makes history by winning $60,000 in incredible TV moment
FAMILY FEUD
'Family Feud' team makes history by winning $60,000 in incredible TV moment
The family aced three Fast Money rounds in a row to cash out big
4 days ago
Trump’s super PAC saw millions in donations — but it's the donor list that raises eyebrows
NEWS
Trump’s super PAC saw millions in donations — but it's the donor list that raises eyebrows
The donors poured in millions to support the Trump affiliated super PAC MAGA Inc.
5 days ago
Even Americans earning over $100,000 a year are starting to lose faith in US economy
NEWS
Even Americans earning over $100,000 a year are starting to lose faith in US economy
These reports come at a time when consumer sentiment seems to be improving.
5 days ago
Even senators from Trump’s own party have a problem with his probe into Jerome Powell
NEWS
Even senators from Trump’s own party have a problem with his probe into Jerome Powell
The lawmakers called the probe 'coercive' demanding a congressional investigation into the DOJ.
5 days ago
'Family Feud' host Steve Harvey stunned after hearing answers about awkward situations at work
FAMILY FEUD
'Family Feud' host Steve Harvey stunned after hearing answers about awkward situations at work
Harvey was too stunned to speak on two occasions in one round.
5 days ago
'Family Feud' host Steve Harvey roasts player for naming 'Jeopardy' in unexpected answer
FAMILY FEUD
'Family Feud' host Steve Harvey roasts player for naming 'Jeopardy' in unexpected answer
The player bizarrely named "Jeopardy!" in a totally unrelated question.
5 days ago
'Wheel of Fortune' contestant loses $75,000 — Ryan Seacrest says 'you needed more letters'
WHEEL OF FORTUNE
'Wheel of Fortune' contestant loses $75,000 — Ryan Seacrest says 'you needed more letters'
Seacrest expressed that the player had no way of solving the puzzle with the clues on the board.
Jan 10, 2026
'Family Feud' host Steve Harvey drops his cards as player wants to name his child after a car
FAMILY FEUD
'Family Feud' host Steve Harvey drops his cards as player wants to name his child after a car
Harvey had to shut every contestant up who thought it was a good answer.
Jan 10, 2026