Do Not Open the Google Docs Email You Receive Today: It May Be a Scam

Protect yourself now from a malicious phishing email that’s spreading like wildfire.

Share on
BY Joseph Steinberg - 04 May 2017

PHOTO CREDIT: Getty Images

There is a malicious email that is spreading like wildfire right now -- and it can cause you serious harm if you fall prey to it as so many others have.

Here is what you need to know not to become a victim:


What is the email?

The email appears to be from someone you likely know and contains a link to a document that that person is sharing with you. Except, that the email was not sent by your colleague, and the link does not open a legitimate document; it takes over your Google account (and, in some variants, may spread malware) and may inflict all sorts of harm. It uses an app called Google Docs -- but it is not the real Google Docs.


What does the dangerous email look like?

Here is an image of an example of the attack that I received - it came with the return address of a known journalist with whom I have collaborated in the past. Emails like this from other folks have also hit others in the Inc. office.

In this case, the strange recipient address is a good clue that something is amiss. But, yours may arrive just to your address. Before opening any unexpected attachment, confirm with the sender.


Won't my security software stop it?

In many cases, no. For whatever reason, this email was not stopped by the spam filter on my mail server, nor by the spam filter on my computer, nor by the Internet security software on my computer, nor by any other technical solution along the mail path. The only thing that stopped me from becoming a victim was my own human vigilance.

And that is what you need as well.


What should you do?

Do not click the link if you receive an email like the one above. If you are expecting some Google Docs attachment text or call the sender to confirm legitimacy before opening anything.

Also, make sure you have up-to-date security software on every device - computer and mobile. While this particular attack may not be caught (yet) by some systems, millions of others are stopped automatically.


What do I do if I clicked the link?

Disconnect your device from the Internet. Immediately.

Notify all of your contacts that a malicious email may have been sent from your account (it is best to do this on social media, not just via email). Tell them not to open it or click links in it. You can send a link to this article as a reference of what is going on and what to do.

If you have access to someone knowledgeable about information security, ask her or him to help you.

Block access for "Google Docs" via the real Google's permissions page at:

Backup all of your data to a new backup device and do not attach it to anything else.

Run a full scan of your computer with Internet security software - ideally with more than one package. If your computer is on a network, ideally run a scan on all devices on that network.

Change your password to any systems that you accessed from the potentially infected machines (but change the passwords using a different device!).

If you disclosed any personal information using the potentially infected machine that could lead to identity theft, or that information is situation on that device or in your Google account, contact credit bureaus to place an alert on your account.