With online scammers getting smarter by the day, phishing attempts can appear to come from anywhere. Many phishing attempts are easy to spot because they include a scam’s characteristic red flags, such as poor grammar or a fake email address. However, some phishing scams can appear to come from a source you trust, such as software you might use for work every day. Read on to learn about this Google Docs scam and how you can avoid it.

A recent phishing scam that has been circulating involves a popular software you have likely used: Google Docs. Google Docs allows users to create and share spreadsheet documents and gives other users the ability to collaborate and comment on these documents. According to KnowBe4.com, online scammers are taking advantage of the commenting feature by using it to spread phishing links. The scammer will tag potential victims in the comment, prompting the victim to receive a legitimate notification from Google that includes the phishing link. When this link is clicked, it is intended to install malware on a device.

What is so alarming about this scam is that the cybercriminal uses an actual Google account to embed the phishing link in a real Google Doc, so this phishing attempt can appear legitimate to the unsuspecting user. Scams like this stress why it is so important not to click on any suspicious links. If you receive an unexpected email that includes links, be sure to check with the sender to confirm it is legitimate — even if it comes from someone you trust. If you don’t recognize the sender or the email source at all, it is best practice to delete the email right away. When in doubt, close out!

We hope that spreading awareness of these common phishing scams helps you stay vigilant and stay safe online. Click here to read about other types of online scams and get some great tips to help you protect your personal data.


Connecting You to Your Best Life