Watch out for the Google Docs phishing scam

Phishing scams are beginning to look more and more like the real thing. A sophisticated phishing scam is spreading rapidly; at least 500 state mail users have received it. It is possible that your City account may be a target of what is being called the “Google Docs phishing scam.” If you have a Google account, you need to be extra careful.

What it looks like

You will receive an email stating that the sender has shared a document with you. You may or may not know the sender. The subject line usually contains the sender’s name and states that the person “has shared a document on Google Docs with you.” It looks something like this:


The message includes a link to “Open in Docs,” which isn’t unusual if you’ve ever shared a document stored in Google Docs. In the “To:” area, however, you will see what appears to be automatically generated gibberish.

How the scam works

Hover over the “Open in Docs” link and you’ll see that it points to a document in Google, which is reasonable. If you clicked on this link it would take you to the real Google login page.

Here is where the damage occurs. If you log in, you’ll be redirected to a malicious third-party site that asks you to grant permission to access your email account. If you granted permission, your email account would be compromised. Cybercriminals would then send similar spam messages from your account to your contacts and other addresses you’ve used to target more victims. It would look to them as if you have sent them a document to view.

The scam is believed to bypass current safeguards such as two-factor authentication or email alert mechanisms.

What to do if you have clicked on such a document

  1. Go to
  2. If you see an entry for "Google Docs," click on it and then click the “Remove” button.

You will only see Google Docs on the list if you granted permission to this fake Google Docs app. If you do not see Google Docs on the list, then you should be safe and have nothing to remove.

Change your email account password if you clicked on the doc or any links in the phishing email. Make sure to use long and strong passwords on all your accounts and unique passwords for each account. And as always, pause and think before you click on any links. The account you damage could be your own.

If you receive one of these emails

Notify the IT Service Desk right away. Do not click on the documents. You may be asked to either forward it to [email protected] or delete it.

For more information:

Published May 12, 2017



Contact us

Email updates

Find a service

About this site

For employees

For reasonable accommodations or alternative formats, contact 311.
People who are deaf or hard of hearing can use a relay service to call 311 at 612-673-3000.
TTY users can call 612-673-2157 or 612-673-2626.

Para asistencia 612-673-2700, Yog xav tau kev pab, hu 612-637-2800, Hadii aad Caawimaad u baahantahay 612-673-3500. 


311 call center

311 TTY relay service

City of Minneapolis Facebook City of Minneapolis Twitter City of Minneapolis YouTube ChaNNEL Minneapolis 311 Minneapolis 14 Government TV City of Minneapolis LinkedIn

Minneapolis, City of Lakes logo