Google Docs Virus and Other Phishing Scams: How to Spot and Avoid Them

Millions of people woke up to a phishing email in their inbox with a supposed link to a Google Docs. If a user clicked on the “Open in Docs” button, the scammer would snag that person’s Google credentials through the so-called Google Docs virus. Then, the phishing email would be forwarded to all of the victim’s contacts. If the person simply deleted the email, the threat was nullified.

The attack is one of many that has been causing concern to internet users who are unsure of how to distinguish real emails from phishing scams. There are a couple of red flags you can look for, and a couple of easy ways to protect yourself.

How to Spot a Phishing Email

Phishing is a common technique where fraudsters send emails that look like they’re from your contacts or reputable companies. In actuality, the emails contain links to or attachments that contain malware.

Hackers use social engineering to make phishing emails look more convincing. This can be done in a number of ways. If the hacker has gained access to someone else’s email, they can spread their malware through the hacked email address.


This means that if your Aunt Suzie clicked on a malicious link and got a virus on her computer, hackers can use her email to further spread the virus. If you get an email from a known contact with an unusual message or just a link, be wary–it’s not necessarily from who it looks like.

Another tactic that hackers use is sending phishing emails from phony addresses that are very close to legitimate email addresses. For instance, a hacker may create an email address technicalsupport@gnnail.com.

Phishing email containing Google Docs virus.
Phishing email containing Google Docs virus.

A close look will reveal that the domain is not Gmail’s at all, but hackers are relying on rushed people clicking before processing the information. Hackers can also use characters from other alphabets to make the distinction even more difficult (e.g. gma¡l.com)

The bottom line is, if there is anything suspicious about an email that contains a link or an attachment, don’t click on it. Find a way to contact the person who purportedly sent it and verify that the link or attachment is actually from them. In the case of the Google Docs virus, the email said, “To: hhhhhhhhhhhhhhh@mailinator.com”–that should’ve been a major red flag to the recipients.

Use Multi-Factor Authentication to Protect Your Accounts

Multi-factor authentication (sometimes called two-factor authentication) means that your email provider, bank, or other service provider will ask for a second authentication in addition to your password. Usually, this is a number texted to the phone number associated with the account.

Security experts recommend using this two-layered approach to stop identity thieves from gaining control of your accounts. If someone with multi-factor authentication fell prey to the Google Docs virus, the hackers would not gain control of the victim’s account because they wouldn’t have the second authentication. It’s a simple but powerful fix, and you can add it quickly to your Gmail account here.

Hackers are Trying to Steal Your Credentials

Gaining access to your accounts by stealing your passwords gives hackers a great deal of power. They can use those accounts to steal money, spread their viruses more easily, or create botnets.

Everyone must regard emails with links or attachments as highly suspicious. Never assume that these are safe to click on. If the message doesn’t sound right or the address it’s from looks funny, it’s better to verify that it’s legitimate before you click. Doing so works as your own, common-sense multi-factor authentication.

Leave a Reply

Your email address will not be published. Required fields are marked *