Google Docs Phishing Alert

A new phishing scam is taking the internet by storm today. Here’s how to protect yourself.

What’s happening

Customers are receiving emails that someone--often, someone they know--wants to share a document hosted on Google Docs. The subject line says “[Person] has shared a document on Google Docs with you”, and the email is sent from a legitimate @gmail.com account. The email is sent to an address@mailinator.com. Please see the image below for reference.

When customers click the “Open in Docs” button embedded in the email and sign in to their accounts, their passwords are stolen.

The malicious script then sends the phony email to addresses in the Contacts folder, which is why this phish looks like it’s coming from your friends.

How to respond

The best defense is to not click the link in the email.

If you receive this email and haven’t clicked the link, please delete the email.

Google appears to have taken steps to stop the spread of this attack.

Technology Services is currently working to identify any Google Apps @ Illinois accounts that may have been affected by this attack, and we will be in contact with those customers if action needs to be taken.

Get help

For questions or assistance, please contact the Technology Services Help Desk at 217-244-7000 or email consult@illinois.edu.