How Not to Fall for the New Official-Looking Google Forms Phishing Scam

How the Scam Works

How to Protect Yourself

  1. There are no free rides. Resist thinking the strangers you have never interacted with on the internet love you so much to want to send you freebies, including money. That kind of mindset is uniquely suited to scammers who would lure you into financial disasters.
  2. Recognize that just because you’ve received an email receipt doesn’t mean you requested one! Your email address could be entered into anything, and you’d receive a signup email or a receipt confirming it. When it comes to Forms, remember that if it’s a RECEIPT, it shouldn’t be asking you for anything. Nothing — not your email address, not additional action via a link — nothing. A receipt, whether malicious or not, is simply a record of previous actions, not a request for new ones.
  3. Always report. At the bottom of the form receipt email, you’ll notice a “Report Abuse” button. By clicking here, you’ll be taken to a Google form where you may report fraudulent behaviour. You can click this without concern because the form receipt was supplied by Google (just don’t click anything in the form body!). Simply click the blue “SUBMIT ABUSE REPORT” button after selecting the “Spam, malware, or “phishing” (fake login) option.
  4. Mark the email as spam and delete it in the spam folder. Enough people doing this will alert the spam filtering algorithm of the Email Service Providers.
  5. Be Vigilant. Whether you face this regularly or not, you should remain vigilant and only click on stuff you can absolutely trust. Scammers are becoming inventive so you can receive emails from official sources that contain unofficial stuff like this.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store