If you received an email with the following indicators, please delete the email and do not click the link.
From: “IT Helpdesk (via Google Drive)” ithelpdesk3790[@]gmail[.]com
Subject line: Adjunct Evaluation (2).docx
Though the email appears very similar to a legitimate Google Doc share, that does not mean it is safe. The content of the file could contain malicious links or there could be a password-protected file containing malware.
Tips for Spotting Fake Cloud-Sharing Emails
- Were you expecting it? If you were not expecting a shared document, use caution before clicking links or opening attachments.
- Did it seem overly vague? There is no name associated with who shared the document which should be suspicious. Something generic like “committeechair” or “departmentchair” or “IT Helpdesk” are frequently used in phishing attacks. Further, the document title seems vague enough to seem relevant to anyone.
- Was it from the correct email address? For legitimate shared Google documents, expect the message to be sent with a display name like this: “Jane Logger (via Google Docs).” The sending email address should be: “drive-shares-noreply@google.com.”
- Is the linked document password protected? Normally, a file is scanned for viruses before it is uploaded to a cloud service like Google Drive or Microsoft OneDrive. However, if the file is password protected, the automatic malware scan cannot occur since the file is encrypted. If you receive a link to a cloud storage site and the email includes a password to unlock the file, use caution.