https://cofense.com/phishers-using-google-forms-bypass-popular-email-gateways/
Cyber security firm, Cofense, has reported an increase in the number of Office 365 themed phishing scams. These attacks come from a legitimate financial company email account that has been hacked, allowing the scam emails to pass basic security checks. The emails claim to be from a user’s IT team asking them to update their Office 365 via the link provided to prevent it from expiring.
The link then directs to an online form that asks for a user’s login credentials, which, if entered, are forwarded to the attackers. However, this form is poorly made with formatting and grammatical mistakes that point to it being fake; errors such as these are a common way to help spot less sophisticated phishing attacks.
Scams also often use alarmist language designed to scare the recipient into revealing credentials. To help prevent falling victim to attacks such as these, try to verify the information received by another means; for example, in this case a user could contact their IT department via a genuine email address or phone number to check if they have sent the email in question.