Attackers using Google Docs Comment field for Phishing Attacks

  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 1/7/2022

Action Level - Informational


Attackers are once again using the Google Docs comment function to send phishing emails and malicious links to users. This attack vector is appealing because the attacker can create a Gmail account and set their name to whatever they desire, permitting targeted attacks. Further, the email will come from
comments-noreply[@]docs[.]google[.]com, preventing educated users from verifying the email came from a trusted sender. 

Take this time to remind users to avoid clicking links or opening attachments in emails unless they are from a trusted and verified sender. Users can verify a sender by calling them or sending a text or IM. If a user can’t determine the origination of an email, or the email contains something related to a task they aren’t involved in or otherwise shouldn’t have permission to access, they should default to reporting it as spam.

<-- Return to Cybersecurity Alerts...

PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC