Beware of the Google Docs Scam – How to Protect Yourself

May 15, 2017 | Views: 4192

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

google doc scam

Did someone share a Google Doc with you? If yes, you might be one of the millions of internet users who fell victim to this scam campaign.

In the last few days, a lot of people received emails from their contacts with a seemingly normal and legitimate invitation to view a Google document  which says that the person [sender] “has shared a document on Google Docs with you.”  It might even appear to have been sent from one of your known friends, family members, or colleagues – lulling you into a false sense of security.

Once the link is clicked, you will be redirected to a page which says, “Google Docs would like to read, send and delete emails, as well access to your contacts,” asking your permission to “allow” access.  Seems normal right? Google often asks for these types of permissions in other areas, plus the window kept the same theme of the typical Google Permissions request.

But, here is the catch. It’s a fake app! The app, Google Docs, is actually a guy named Eugene Pupov trying to trick you. Click the blue “Google Docs” link to get more info on the app:

Since the app will allow access to “manage your contacts” and “read, send, delete, and manage email”, it gives the attacker full access to your Inbox. It also allows the attacker to propagate the scam by sending the same email to all of your contacts.

In short, anything linked to a compromised Gmail account is potentially at risk and even if you enabled two-factor authentication, it would not prevent hackers from accessing your data (since you gave them direct access through permissions).

Now, What do you do if you’ve already fallen, victim?

If you fell victim to this scam, then you need to remove permissions given to the app.

  • Go to your Gmail accounts permissions settings at and Sign-in.
  • Go to Security and Connected Apps.
  • Search for “Google Docs” from the list of connected apps and Remove it. It’s not the real Google Docs

Though these types of scams can be scary, don’t loose hope. Stay informed and keep your guard up. If you’re suspicious of the invitation or attachment in an email, just ask the person who sent it if it is actually something you are supposed to open. If they don’t know what you’re talking about then just delete the email and save yourself trouble down the road.

I hope this information helped you. Thanks and good luck.

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?