Cybersecurity researchers have discovered a new phishing campaign in which hackers exploit Google’s cloud services to send fraudulent law enforcement data requests. The attacks aim to trick victims into handing over sensitive personal or corporate data.
By using trusted platforms like Google Forms and Google Drive, attackers are creating fake documents that appear to come from legitimate law enforcement agencies. These files often include official logos, legal language, and urgent requests for information to pressure recipients into compliance.
How the Scam Works
The operation begins with cybercriminals designing Google Forms that mimic real legal documents. These forms are then hosted on Google Drive to make them appear more trustworthy and avoid traditional email filters.
Victims receive links to the forms, often via emails that look like official government communication. Some emails even use spoofed domains or forged signatures to seem more convincing. Once the form is opened, victims are prompted to enter confidential data such as:
- Personal identification numbers
- Financial account details
- Corporate or proprietary business information
This data is then sent directly to the attackers’ servers, bypassing the usual signs of phishing activity.
Trusted Platforms Turned Against Users
One of the most alarming aspects of this campaign is the misuse of Google’s trusted infrastructure. Because services like Google Drive and Forms are widely used and rarely blacklisted, they provide a safe cover for attackers.
Hackers also use tools like URL shorteners and encrypted channels to hide their tracks and make detection more difficult. This level of sophistication is a growing trend in modern cybercrime, where attackers use trusted platforms against unsuspecting users.
Who’s at Risk?
The campaign targets a wide range of victims, including small businesses, large corporations, and government contractors. The use of law enforcement language and symbols takes advantage of a psychological weakness—people are more likely to comply quickly with legal-looking requests.
Cybersecurity experts urge organizations to verify any legal data requests by contacting the agency directly through confirmed channels. Suspicious details—such as grammatical errors, strange email addresses, or requests for sensitive data—should be red flags.
Google Responds
Google has been informed of the misuse of its services and is working to detect and stop the creation of these malicious forms. However, the evolving nature of the attacks makes it hard to completely eliminate the threat.
This incident is a reminder that even the most trusted tools can be turned into weapons by attackers. It highlights the need for constant vigilance, strong cybersecurity policies, and better training to help users recognize and report suspicious activity.
As digital platforms continue to serve as the foundation of communication and business, protecting them from abuse remains a critical challenge.
