Google Forms’ quiz exploited in spam attacks

Threat actors have been facilitating new spam attacks by exploiting the quiz results functionality of Google Forms, SiliconAngle reports. Attacks involve the use of the option enabling later release of grades to compel email address collection from respondents, as well as the activation of other settings to evade spam blockers, according to a report from the Cisco Talos Intelligence Blog. Individuals targeted by the spam attacks will then be redirected to a legitimate-looking cryptocurrency site seeking additional forms for a free bitcoin. Despite the elaborate scheme, no bitcoins were found to have been collected by the attackers, noted researchers. "The amount of setup work necessary to conduct a spam attack such as this, combined with the extraordinary attention to detail put into the social engineering for the subsequent cryptocurrency scam, demonstrates just how far cybercriminals will go when it comes to separating victims from even a small amount of money," said researcher Jaeson Schultz.