Google Docs is one of the world’s most popular document sharing and editing applications. Along with the ability to create and share documents, Google Docs allows users to add comments to these documents. In a new scam, cybercriminals have taken advantage of this feature by inserting phishing links into comments.
In this scam, cybercriminals use a real Google account to create a document in Google Docs and then tag you in a comment. You will then receive a legitimate email from Google, notifying you that you’ve been tagged in a comment. The comment will include an embedded phishing link and may appear to come from someone you trust, such as a co-worker. Unfortunately, if you click the phishing link, malware may be installed on your device.
Don’t fall for this trick! Follow the tips below to stay safe from similar scams:
Beware of suspicious links. Always hover your cursor over links before you click, and check the commenter’s email address to verify their identity.
Check the comment for grammatical errors, such as misspelled words or unusual phrases. Grammatical errors may be a sign that the comment is suspicious.
Don’t open documents or files that you weren’t expecting to receive. If you receive a document that you weren’t expecting, make sure you verify that the sender is legitimate before you open it.
Stop, Look, and Think. Don’t be fooled. Executive IT Help Security Team