A New Google Docs Phishing Scam

A new Google Docs phishing scam is making its way around the web. To understand how this very sophisticated attempt works and how you could be at risk, picture the following…


You are looking through your email when all of a sudden, your good friend Stan Lee has shared a Google Doc with you. Excited to see what your friend thought was important enough to put in a Google Doc, you start to open it. Maybe you are going to collaborate on something amazing. You quickly click the ‘Open in Docs’ link, and you are taken to a secure page where you can log in to your Google account and see the document. You type in your username and password and submit. Now you are met with a Google Doc that is either gibberish or simply blank. In the meantime, your email address and password have been submitted to a malware script, hosted unknowingly by a random third party. Your Google username and password have now been swiped by this phishing attack.

That is not a Google address or any address that you know!

DELETE IT! Do not open it, do not pass go, do not collect $200.

If you have fallen victim and filled out the form, immediately change your Google password.


Checking the links BEFORE you click on them is key here: you will see that the address points to an IP address. That’s not the usual way, so be warned!


Quick tips

  1. Always check the headers and metadata of the email you received.
  2. Check the email for spelling or grammar errors; they are mostly one indicator that it is fake.
  3. Check the links before you click on them. If you’re unsure, simply don’t click!
  4. Report phishing scams! In the United States, use the FTC Complaint Assistant form. In Canada, the Canadian Anti-Fraud Centre can provide support. In the United Kingdom, you can report fraud as well as unsolicited calls.
  5. Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft/Facebook/others, don’t take the risk!
  6. Consider using Thunderbird or another external email application; such clients often have extensions that automatically inspect the headers or scan the email against additional anti-scam databases.
  7. Check the email address with a search engine; maybe it’s already indexed, or there are already warnings on the internet that the address is fake or a scam.