Just a short time ago I received an email from the management company that owns the building I live in inviting me to view an attached Google doc. My roommates and I are nearing the end of our lease so I thought it might be a form about whether we would continue living in the same apartment next year.
When I went to view the document, however, a huge red flag popped up when it asked for my login information. If you’re familiar with how shared Google docs work, you should know that you don’t need to provide your Google username and password to access the document, especially if you open it up from your Gmail account that you’re already logged into.
This is a phishing scam through and through. DO NOT open the Google doc.
Normally, your run-of-the-mill virus, scam, or malware invasion don’t warrant a full-blown PSA like this. I think we all know by now that there isn’t a Nigerian prince who wants to transfer his fortune to you in exchange for your social security number and bank account information. But what troubles me about this particular phishing scam is how realistic it looks. Check this shit out:
I don’t receive a lot of documents via Google Docs (Our workplace uses Outlook so I’m more familiar with that at this point) so this looks very legit to me. Coupled with the fact that it was sent from an actual person’s account from the building management company, I casually clicked the “Open doc” button without much thought. Thankfully, I had the presence of mind to not put my username and password in on the next screen. The one tipoff for this particular scam is the “hhhhhhhhh” email included in the “To:” field so if you see that, that’s how you know. I see right through your game you two-bit Zero Cool wannabe.
That’s the other scary part about this particular scam though. It’s being sent from legitimate emails such as your coworkers, managers, or landlord in my case. For that reason, I can see a lot of people falling prey to this thinking they’re opening up an important document. I guarantee 100% that another resident at one of our management company’s buildings fell for the one sent by them thinking it was going to be an announcement about rent, maintenance, or their lease.
So again, if you see an email like the one above, DELETE IT. It’s a phishing scam, and you will be fucked six ways from Sunday if you fork over your Google account information over to it, because I know everyone has practically their entire lives connected to it.
Worst case scenario, you delete it and you get to ignore whoever it was who sent it to you, who you probably hate. Actually, this will be a good excuse for you to just not open any work emails with attachments on them. Looks like you’ll have to ignore your responsibilities for the rest of the day in the name of cyber security. Thanks, Prince Akeem Semmi!.
Image via Shutterstock