Once again, ITS has received reports of a phishing attempt that is going around campus. This attempt appears like a message with a link to a file in Google Drive:
Some details that should make you suspicious of this email:
- Misspellings and grammar errors (i.e. space before the question mark, misspelling of doc in “view dock here”, its when it should be it’s, etc). Especially when the sender usually pays attention to these details
- The email asks you to sign to Google Apps to view the document when you are already signed in to read your email.
- When you hover over the link, you can see that it is a shortened link and not a docs.google.com link.
Take a look at this example of a document that was legitimately shared from Google Drive. Pay attention to the following details:
- “via Google Docs” next to sender name.
- Box that says “I’ve shared an item with you” as well as the file name and the icon for the file type. If there is a message in this email, it should be in this box.
- You should see the Google logo at the bottom.
What should you do about phishing emails?
When you suspect that you have received a phishing email, you should notify ITS and then report the email as a phishing email NOT SPAM.
To report a phishing email:
Click on the arrow next to the reply button on the email and choose Report phishing
Never enter your username and password on a site that looks suspicious. If you think that you may have fallen for a phishing scam, change your password on that account immediately (as well as other accounts in which you use the same password.)
As always, if you have any questions about this topic, please feel free to contact me.