Don't Fall for This Google Docs Phishing Scam The 'highly sophisticated' phishing campaign appears to have hit a number of journalists, along with individuals from other industries.

By Angela Moscaritolo

This story originally appeared on PCMag

Shutterstock.com

Did you click on an unsolicited Google Docs email invite yesterday? It might have been a scam.

According to Vice's Motherboard, online miscreants on Wednesday launched a "massive phishing campaign targeting Google accounts." The "highly sophisticated" campaign appears to have hit a number of journalists, along with individuals from other industries, the report notes.

The fraudulent emails include what appears to be a Google Doc link from someone the recipient knows. "These, however, are malicious emails designed to steal your Google password or hijack your account," Motherboard advises.

Reddit user JakeSteam, who received the phishing email, said clicking the purported Google Docs button in the message takes you to an actual Google page, which asks you to grant access to an app masquerading as Google Docs. Granting permission would give the attacker full access to your email messages and contacts. The email then replicates itself and spreads to "everyone you have ever emailed," according to JakeSteam.

Affected individuals who clicked "allow" should revoke access to the fake Google Docs app right away, JakeSteam recommends.

The attack can bypass two-factor authentication, so having that additional layer of security enabled won't help you. Note that it's still a good idea to have two-factor authentication enabled, as it makes your account much harder to crack.

Google did not immediately respond to PCMag's request for comment. But in a statement posted to the @GoogleDocs Twitter account, the company said "We have taken action to protect users against an email impersonating Google Docs [and] have disabled offending accounts. We've removed the fake pages, pushed updates through Safe Browsing and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail."

This phishing campaign comes after attackers in January targeted Gmail users with a sophisticated ploy designed to steal usernames and passwords.

Angela Moscaritolo has been a PCMag reporter since January 2012. 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Most Popular

See all
Side Hustle

After a 12-Year-Old's Side Hustle Made Over $4,000 in 1 Day, He and His Dad Grew the Business to Nearly $50,000 a Month: 'It Takes Commitment'

Madden Forrest and his father, Steven, turned their passion for football into a lucrative business.

By Amanda Breen
Business Ideas

70 Small Business Ideas to Start in 2025

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2025.

By Eve Gumpel
Business News

10 Surprising and Inspiring Quotes From Brian Wilson, the Genius Behind The Beach Boys' 'Pet Sounds'

The Beach Boys' Brian Wilson died this week at age 82, but his music is still blowing minds.

By Dan Bova
Business News

Here Are the 10 Highest-Paying Jobs For New Graduates With a Bachelor's Degree — and They All Start at Six Figures

According to a new report from Resume Genius, finding a high-paying job as a new grad is possible, even in this market.

By Erin Davis
Side Hustle

Use This AI-Powered Platform to Turn Your Side Hustle into a Scalable Business

Turn a side hustle into something sustainable with Sellful's ERP White Label plan.

By Entrepreneur Store
Employee Experience & Recruiting

I Wish Every Entrepreneur Had a Dad Like Mine

I learned entrepreneurship by silently observing everything my dad did; a true businessman through and through. Here's why I wish every entrepreneur had a dad like mine.

By Chad Willardson