A new surge in phishing attacks exploiting Google Forms has been detected by cybersecurity researchers, signaling a major escalation in efforts by cybercriminals to defraud individuals of their cryptocurrencies.
The attackers are leveraging the credibility and technical infrastructure of Google Forms, a trusted, widely used survey and registration platform, to craft and distribute schemes that are growing both in number and sophistication.
These scams prey on users’ curiosity and desire for easy gains, promising sizable amounts of free cryptocurrency in exchange for seemingly simple participation.
Exploiting the Trust of a Tech Giant
Google Forms is recognized for its convenience, accessibility, and robust technical backing from one of the world’s most established technology companies.
However, its open-access model is being abused by attackers to create professional-looking but entirely fraudulent surveys and notification emails.
According to cybersecurity news sources, such schemes have surged by 63% in 2024 and continue their upward trajectory into 2025.
The attackers’ core tactic is simple: they send emails purporting to be from reputable crypto platforms, promising recipients that a large sum, often quantified in eye-catching amounts like 1.275 BTC is waiting to be claimed.
The recipient is then asked to follow a link generated via forms.gle, Google’s own URL shortener for Forms.
The technical elegance of this scheme lies in its exploitation of Google’s trusted infrastructure.
By transmitting phishing emails from Google’s mail servers and embedding links to forms.gle, these messages successfully evade most traditional spam and phishing filters.
The use of legitimate Google domains and servers means the emails carry a veneer of authenticity, even as their content remains dubious at best.
In contrast to traditional spam or fraud campaigns, these emails often bypass technical safeguards that would otherwise flag or quarantine suspicious content.
Data Harvesting Risks
According to a Kaspersky report, upon clicking the link, users are directed not to a real cryptocurrency exchange or wallet, but to a form masquerading as a legitimate claim portal.
Victims are typically prompted to provide sensitive information, including their crypto wallet details and email credentials, ostensibly to process the payout.
Some forms escalate the ruse by later requesting payment of “processing” or “withdrawal” fees, thereby further monetizing the scam.
Victims who disclose their wallet details risk losing not only their personal information but also the contents of their digital wallets, resulting in potentially significant financial loss.
Experts warn that despite their frequently amateurish visual presentation, these scams remain highly effective because they take advantage of Google’s robust email infrastructure and the low bar of technical skill required to create a convincing Google Forms survey.
The persistence and growth of these attacks underscore an urgent need for heightened vigilance, especially among individuals who are new to cryptocurrency or online banking.
Cybersecurity professionals urge users to treat unsolicited emails promising significant financial windfalls with skepticism, regardless of the platform or sender.
Directing users to forms hosted on reputable-sounding domains like forms.gle should not override standard best practices for digital self-defense: never share private keys or wallet credentials, avoid paying upfront fees to unknown parties, and independently verify the legitimacy of any financial offer.
As Google Forms scams continue to rise, proactive dissemination of cybersecurity awareness is critical to closing the net on these evolving phishing techniques.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates
