Watch CBS News

Beware unexpected Google Docs, the latest phishing scam

Be careful when opening emails claiming to include links to a Google Document shared by people you know —they might be part of a phishing scam that spread quickly across the internet Wednesday.

Staff at multiple media outlets, including CBS News, reported receiving the emails, which look nearly identical to the actual ones Google Drive sends when a person shares a document. 

It is not clear if any accounts belonging to government officials were compromised, but information technology staff in at least one Senate office warned political staff about the phishing attempt, CBS News has confirmed.

Many of the emails include the address in "" in the "send to" section.  

This email about a Google Doc appears to be from someone the user knows, but is actually a phishing attempt. CBS News

Many people who received the suspect invitations took to Twitter to warn others.

If users click on the fraudulent link, they are brought to a Google page where they are asked to grant "Google Docs" access to all of their Google accounts — giving hackers an open door to their email and private documents.

It is not clear who is behind the phishing effort.

The phishing attempt spread across the internet for several hours before Google appeared to at least block the page allowing users to give data permissions. 

Google said in a statement sent to CBS News that by late Wednesday afternoon it had disabled accounts associated with the phishing attempt.

"We have taken action to protect users against an email impersonating Google Docs, and have disabled offending accounts," the company said. "We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again. We encourage users to report phishing emails in Gmail."  

In an earlier tweet, Google warned users not to click suspect links.

Got news tips about digital privacy, social media or online marketing? Email this reporter at, or via his encrypted address, (PGP fingerprint: 4b97 34aa d2c0 a35d a498 3cea 6279 22f8 eee8 4e24). 

View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.