Fraudsters are increasingly using recognizable and trusted domains to perpetrate phishing schemes that trick people into handing over their personal and financial information. In recent months, bad actors have exploited settings for both Google and PayPal to lull targets into a false sense of security, making these attacks harder to spot.
Another way scammers are trying to look legitimate while evading detection is through Google Forms that request sensitive data.
Phishing via Google Forms is not new. As a recent report from ESET Security points out, Google Forms are free, easy to create and implement, and trusted by users, making them a low-risk, high-reward vector for scammers. They're also encrypted with TLS and use dynamic URLs, making them less likely to be flagged as malicious.
Google Forms scams may have several aims, ranging from stealing your login credentials or banking details to redirecting you to a fraudulent site that installs malware on your device.
A recent (and relatively sophisticated) iteration of this scam targeted higher education, including students, faculty, and staff at 15 institutions in the U.S. A post on Google's blog from February 2025 outlines a campaign in which attackers sent links to Google Forms that mimicked legitimate university communications, complete with the school names, color schemes, and logos or mascots displayed in the headers. The forms were designed to trick recipients into providing university account credentials and, in some cases, financial institution logins under the pretense of maintaining an existing account or distributing aid.
Scammers sent forms out around important dates on the academic calendar, such as financial aid deadlines, when recipients have lots of administrative tasks to complete and are less likely to notice potential red flags.
While Google notes that all of the malicious forms identified were eventually removed, Stanford University's Information Security Office issued an alert on April 23 warning of a similar phishing scheme meant to steal passwords and Duo passcodes for university network accounts.
The attack begins with Stanford-branded Google Forms hosted on real google.com domains with valid SSL certificates. The forms appear to come from real Google email addresses and may include familiar names in the notifications (such as "[Name] shared a document"). Not only do these forms look legitimate, but they are able to get past email malware detection.
How to avoid phishing attacks using Google Forms
Always have a critical eye when using Google Forms. Don't open forms sent unsolicited, and never, ever submit sensitive information—login credentials, bank account numbers, etc.—via Google Forms. (Google displays this warning on the form itself. Heed it.) No legitimate institution will request this type of data via Google Forms anyway, and if you're not sure, contact the organization directly to confirm the request.
Not all Google Forms phishing campaigns will be as well-designed as those targeting higher ed, so you should also look for misspellings, punctuation errors, and odd salutations. One of the examples identified by ESET begins with "Hello, Dear!"
If you believe you have already submitted sensitive information via Google Forms, change your login credentials, freeze your credit cards, and stay on top of your accounts and credit report to identify any fraudulent activity. You should also be on the lookout for any signs of malware on your computer and remove it as quickly as possible (whether you're on Mac or PC).