Crypto scammers target users through Google Forms, warns Kaspersky
Knowing the email address of the potential victim, the attackers send a scam email through Google Forms, which is designed to appear as a notification from a crypto exchange service. Users are invited to receive an alleged transfer in cryptocurrency by following a link to a website where they are instructed to contact 'blockchain support' and make a 'commission' payment in crypto to receive the transfer. Following these instructions could lead to the loss of funds, as the whole 'transfer' story is a hoax.
The attackers used Google Forms – a free tool for online surveys – to create a short questionnaire with just one slot to fill in: the email address. The attackers themselves input the victim's email address into the form, and then Google Forms sends a questionnaire submission confirmation email to the victim. The attackers crafted this form submission confirmation to look like a notification from a crypto transaction service – indicating a sum to allegedly be paid out, urging the user to click on the link to receive the payout before it 'expires'.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
IOL News
5 days ago
- IOL News
Tax season scams: How institutions can stay one step ahead
South Africans continue to meet their tax filing deadlines, cybercriminals have unleashed a wave of sophisticated scams Image: Supplied As South Africans continue to meet their tax filing deadlines, cybercriminals have unleashed a wave of sophisticated scams designed to exploit both individuals and institutions. "The latest scam is a SMS indicating that SARS is conducting an audit on a Tax refund. The link leads you to a phishing website, aimed at stealing your information. See the scam prototype here," the revenue service warned taxpayers earlier this year. According to cybersecurity firm Kaspersky, phishing "accounted for 67% of cyber incidents among South African organisations over the past year, with a 29% year-on-year increase in such scams recorded as tax season opened". Sameer Kumandan, Managing Director of data firm SearchWorks, says scammers are mimicking SARS communications with 'unprecedented' accuracy "Scammers are mimicking real SARS communication down to the last detail - and unless organisations strengthen their verification processes, they risk being caught off guard,' Kumandan said. Kumandan further warned institutions that failure to upgrade identity verification and monitoring systems could expose them to serious financial and reputational risks during this high-pressure period. "For businesses, especially accountable institutions handling large data volumes and transactions, the risks are twofold: they may be targeted directly or indirectly impacted through compromised clients,". Video Player is loading. Play Video Play Unmute Current Time 0:00 / Duration -:- Loaded : 0% Stream Type LIVE Seek to live, currently behind live LIVE Remaining Time - 0:00 This is a modal window. Beginning of dialog window. Escape will cancel and close the window. Text Color White Black Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan Transparency Transparent Semi-Transparent Opaque Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps Reset restore all settings to the default values Done Close Modal Dialog End of dialog window. Advertisement Video Player is loading. Play Video Play Unmute Current Time 0:00 / Duration -:- Loaded : 0% Stream Type LIVE Seek to live, currently behind live LIVE Remaining Time - 0:00 This is a modal window. Beginning of dialog window. Escape will cancel and close the window. Text Color White Black Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Background Color Black White Red Green Blue Yellow Magenta Cyan Transparency Opaque Semi-Transparent Transparent Window Color Black White Red Green Blue Yellow Magenta Cyan Transparency Transparent Semi-Transparent Opaque Font Size 50% 75% 100% 125% 150% 175% 200% 300% 400% Text Edge Style None Raised Depressed Uniform Dropshadow Font Family Proportional Sans-Serif Monospace Sans-Serif Proportional Serif Monospace Serif Casual Script Small Caps Reset restore all settings to the default values Done Close Modal Dialog End of dialog window. Next Stay Close ✕ To stay ahead of fraudsters, Kumandan has recommended four key focus areas for accountable institutions: Strengthen identity verification processes Tax-season scams often involve impersonation - making robust identity verification a frontline defence. Accountable institutions should ensure their Know Your Customer (KYC) protocols include multi-factor authentication (MFA), biometric ID verification, and real-time document validation against trusted data sources. Dormant, inactive, or high-risk accounts should be reverified before any transactional activity is permitted. Keep customer records and risk profiles current Fraud often exploits outdated or incomplete records. Institutions should continuously refresh customer data and risk scores, synchronise records across departments, and use machine learning tools to flag anomalies. Data hygiene is more than a compliance requirement - it's a strategic shield against social engineering. Leverage technology for real-time monitoring Transaction monitoring shouldn't be reactive. Use real-time analytics to flag unexpected login behaviour (such as geolocation shifts or device changes), unusually high transaction volumes, or rapid movement in new accounts. Institutions should also monitor for red flags around SARS refund timelines, when fraudulent withdrawals are most likely to spike. Prioritise education and fraud awareness Internal teams and clients are often the weakest security link - but also the most scalable defence. SARS regularly publishes updated scam alerts on its website, which institutions should actively circulate. In-house phishing simulations, seasonal fraud briefings, and client education campaigns can significantly reduce vulnerability. Ultimately, tax season is a pressure test - not only for compliance teams, but for the systems and habits that underpin them. Institutions that invest in proactive monitoring, smarter verification, and continuous education are far better positioned to protect their clients and their reputations long after the filing deadline has passed. IOL Business Get your news on the go, click here to join the IOL News WhatsApp channel
IOL News
7 days ago
- IOL News
Crypto scammers target users through Google Forms, warns Kaspersky
Kaspersky researchers warned on Monday they have discovered a new wave of scam attacks that use Google Forms to target crypto users. Knowing the email address of the potential victim, the attackers send a scam email through Google Forms, which is designed to appear as a notification from a crypto exchange service. Users are invited to receive an alleged transfer in cryptocurrency by following a link to a website where they are instructed to contact 'blockchain support' and make a 'commission' payment in crypto to receive the transfer. Following these instructions could lead to the loss of funds, as the whole 'transfer' story is a hoax. The attackers used Google Forms – a free tool for online surveys – to create a short questionnaire with just one slot to fill in: the email address. The attackers themselves input the victim's email address into the form, and then Google Forms sends a questionnaire submission confirmation email to the victim. The attackers crafted this form submission confirmation to look like a notification from a crypto transaction service – indicating a sum to allegedly be paid out, urging the user to click on the link to receive the payout before it 'expires'.
eNCA
21-07-2025
- eNCA
Kaspersky warns of SARS-themed phishing scams
File: A computer screen flashing the words "Scam Alert". AFP/Tony Karumba JOHANNESBURG - As South Africa's tax season gets underway, cybersecurity firm Kaspersky is urging citizens and businesses to stay vigilant amid a surge in phishing scams. Cybercriminals are increasingly sending fake SARS-related messages, taking advantage of the auto-assessment period to deceive taxpayers. Kaspersky advises the public to think carefully before clicking on suspicious links and to report any suspected scams directly to SARS to avoid falling victim to fraud.
