Tuesday, March 31, 2020

I Almost Fell for this Google Docs Phishing Scam! Watch Out!

Must Read

With Social Distancing in Effect, Try Social Media “Gathering” Instead!

Because of the Coronavirus (COVID-19), medical professionals are recommending social distancing. I am recommending using Social Media "Gathering" instead!

How to Pitch Tech Writers & Influencers – Voices from 8 Tech Journalists (incl. HighTechDad)

If you are a vendor or PR firm looking to get a tech writer, influencer or journalist to write about yoru product or service, read these tips!

Features to Look For in a Dash Cam – The Thinkware F800PRO Dashcam Has Them All!

Key items to look for in a dashcam - basic and high-end features. Review: Thinkware F800PRO dash cam has all of the premium features in a compact design.

The 10Minds Motion Pillow Anti-Snoring Pillow Actually Works! Review on How It Does It (Updated w/ Video)

Review of the 10Minds Motion Pillow - a pillow which detects snoring and gently inflates air bags inside to move the snorer's head slightly.

How To Fix Almost Any Mac Software Problem Using these 4 Techniques

This How To article walks through 4 critical techniques to resolve almost every macOS software problem using proven tactics. Tips can be used with PC's too.
- Advertisement -

I just received an email from a friend. The subject was “INVITATION” and the contents of the email simply contained the words “[name withheld] has sent a message regarding the following document: [withheld] Invitation Hello guys, remember to login and check it out.” I removed the name and other personal information to protect the innocent. I hadn’t heard from this person in a while but everything on quick scan looked legitimate. And, I almost submitted my personal login information on a site that also looked legitimate. But then I stopped. Something didn’t feel right. Here’s why I stopped in my tracks and why I now know it was a Google Docs Phishing Scam.
HTD Google Docs Phishing Scam - email

Update 5/3/17 – A new version of this is making the rounds. But Google is addressing it!

I’m going to dissect this a bit. And the order listed below doesn’t actually represent the order of actions that I did. I will put “warnings” that people should look for if they receive something they think is an email phishing scam.

The image above shows the email that I received. It looked almost familiar. It was very similar to other Google Doc notifications I had received in the past. It showed the person’s name as well as a project or site that I was familiar with. Warning #1 – there was no photo of the person in the email. While this isn’t that big of a warning, many people on Google Docs do have a profile picture.

- Advertisement -

I inspected the senders email address. It was actually the proper one. I looked at the email headers. They showed that it was “sent” from mx.google.com so that looked legitimate as well.

While my next real action was actually (and stupidly) to click through the email link of the “invitation” which in hindsight, is probably not the best course of action. I actually did click through and started to fill out the form I was presented within (image a bit later on in this article) and then I stopped. And I started the forensics.

I looked back at the email and held my mouse over the “invitation link.” You can see the link in the image below (I will not be putting the link as an active link in this article.) Warning #2 – link is NOT Google Docs.

HTD Google Docs Phishing Scam - link

The link shows “trakanmedia DOT com”. You can see the WHOIS information for that site below:

- Advertisement -

HTD Google Docs Phishing Scam - whois info #1

The URL in the email immediately redirects to another site, the one that hosts the Google Docs Phishing Scam form. The site domain is “interesting DOT am” and it goes to a longer URL. Warning #3 – link in email immediately redirects to a completely different domain. Below is the WHOIS for this other site.

HTD Google Docs Phishing Scam - whois info #2

This Google Docs Phishing Scam is so simple, it almost worked!

The site looks quite legitimate. It has the look and feel of a valid Google Docs login page. And once I stepped back and thought about this, I knew I had come across a Google Docs Phishing Scam. Here’s what the page looks like:

HTD Google Docs Phishing Scam - phishing page

There are many warnings here. Warning #4 – none of the other links on the site actually are active. “Help” links and the links in the footer do not go anywhere (they just have a “#” link to make them active). Also, normally if you go to a Google Docs login, you will not be prompted to enter in other types of email addresses (at least I don’t think you do). Warning #5 – form tries to capture ANY email and password.

HTD Google Docs Phishing Scam - email provider

I decided I would look at the domain itself. When I stripped off the trailing path from the domain and went to the root, I saw that the site was “coming soon” and was a long way off. This seemed odd since the form was actually active despite the coming soon. Warning #6 – site seemed phishy in general with no additional information.

HTD Google Docs Phishing Scam - fake site

So, looking through all of the aspects of this, I realized it was a Google Docs Phishing Scam. Immediately, I sent a note to the person who supposedly sent this email, asking if he had meant to send it. It is quite possible that his email (which happened to be a Gmail address) had been compromised by a similar Google Docs Phishing Scam (read this Gizmodo article) or other type of scam so he might not actually receive the email. And, if his account was indeed compromised, the scammer could just as easily send a reply saying that it was actually him that sent it. I plan on contacting him via another method. But the problem is that once a scammer gets access to your email account, they can take over other accounts like social media or worse.

Anyway, please share this with your friends and coworkers. Be warned, the phishing scams are scary and dangerous!

HTD says: In the age of digital communication, phishing scams can wreak havoc with your online and offline life. Watch out for this Google Docs Phishing Scam!


  1. My wife fell for this. We changed her password and the password was used for nothing else besides her gmail. Any other safeguards we should take or are we ok?


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

- Advertisement -
- Advertisement -

Hot Articles

How to Remove Little Black Square Paragraph Formatting & Page Break in Microsoft Word

Recently, I received a panicked email from my step-mom wondering why a page break could not be removed from...

How to Remove Little Black Square Paragraph Formatting & Page Break in Microsoft Word

Recently, I received a panicked email from my step-mom wondering why a page break could not be removed from Microsoft Word. Normally, if you...

Instagram Users – How to Clear the Instagram Cache & Save Space on your Smartphone

If you are a heavy Instagram user, you might not know this but the more you use Instagram, the photo-sharing service and mobile application,...

How To Hook Up a DISH Wireless Joey & Extend Your Viewing Without Wires

Setting up a DISH Wireless Joey is extremely easy and takes less than an hour. Here are the steps and what to expect in the setup process.

How To Fix Track Changes in Microsoft Word 16 for Mac Reverting to “Author” [VIDEO]

Is your author or user name showing as "Author" in your Microsoft Word for Mac when you edit & track changes & not your actual user name? Here's how to fix!
- Advertisement -

More Articles Like This