How to Protect Yourself from Scammers Using Google Forms for Fraudulent Job Offers

In the current job market, where opportunities are scarce and highly sought after, scammers are finding innovative ways to exploit job seekers. Recently, Malwarebytes uncovered a sophisticated phishing scheme that involves sending out fraudulent job offers through emails and LinkedIn messages. These typically include links to counterfeit Google Forms that are specifically designed to steal your account information. Below, we outline the mechanics of this scam, as well as how you can safeguard yourself against it.

Understanding the Mechanics of the Google Forms Job Scam

Job scams are not a new phenomenon, and most people are accustomed to the typical WhatsApp messages promoting dubious job opportunities. It’s relatively easy to block these senders, especially since you don’t even need to read such messages to take action.

Conversely, an unsolicited email or LinkedIn communication from someone posing as a recruiter can appear markedly more legitimate, particularly if it includes a link to a Google Forms document. This link could very well be a part of a calculated effort to harvest your account credentials.

The phishing campaign identified by Malwarebytes directs unsuspecting victims to a URL that looks deceptively genuine: https://forms.google.ss-o[.]com/forms/d/e/{unique_id}/viewform?form=opportunitysec&promo=. The inclusion of “ss-o” is designed to invoke familiarity with “single sign-on, ” which is an authentication process that enables users to log into multiple platforms using a single set of credentials, thereby increasing the link’s seeming legitimacy.

Once users click on the link, they are taken to a page that closely mimics Google Forms, complete with the recognizable logo, color scheme, and other authentic-looking features, including a ‘Submit’ button.

Before allowing access to the faux job interview questions, the form requests users to log in with their Google accounts. If users comply, they are redirected to an id-v4.com domain—which has since been taken down—that has been associated with various phishing activities over the past year.

Tips to Protect Yourself from the Google Forms Scam

With the increase in Google Forms scams—reportedly rising by 63% in 2024 according to Kaspersky—being aware of these fraud tactics is crucial. Here are several essential precautions to keep in mind:

Always treat unsolicited job offers with skepticism. While genuine opportunities do exist, it’s prudent to verify the legitimacy of the company contacting you. This is easily done by researching the organization on LinkedIn, where reputable companies typically maintain an official presence and post job openings in dedicated sections on their websites. Cross-reference the role you are being offered with legitimate postings.
If a sender pressures you to click a link or evades your subsequent inquiries, consider it a red flag. Be particularly wary of messages requesting payment or promising monetary rewards, which should lead you to delete the message immediately and block the source.

Utilize a password manager for added security. This tool can help protect you by refusing to autofill passwords on suspicious websites. It’s beneficial to understand the difference between built-in browser password managers and reputable third-party options.

Viewing Malwarebytes integration in ChatGPT.

Leverage the new integration of ChatGPT with Malwarebytes to assess whether an email or message could be malicious.
If you’re uncertain about a link’s legitimacy, hover over it to inspect the URL for any misspellings or anomalies. However, remember that this method may not always be foolproof, as scams are increasingly sophisticated and hard to detect.
Implement comprehensive anti-malware software like Malwarebytes on your devices to provide real-time protection against potential threats.
Strengthen your online security by enabling two-factor authentication (2FA) on your accounts, minimizing the risk of unauthorized access, even if you accidentally fall victim to a phishing attempt.

Additionally, if you frequently use LinkedIn, consider reviewing this informative article that outlines various scams that you might encounter on the platform.

Source & Images