Information Services > Security > News & Updates > "DC.docx" Google Doc Phishing- 09/24/21

"DC.docx" Google Doc Phishing- 09/24/21

Screenshot of malicious email:

A screenshot of a malicious email. The email attempts to trick recipients into reviewing a malicious document by clicking on a link to log into a Google Document.

On September 24th, 2021, phishing originating from external accounts was sent to a variety of DePaul staff members. This phishing variant has been seen occasionally over the past couple of years, and typically targets Athletics personnel.

The phishing email encourages recipients to click on a link and sign-in to a malicious Google Doc, under the guise of being invited to edit the document. The malicious email often attempts to impersonate the name of staff members at DePaul. The Google Doc is malicious and may lead to credential harvesting and/or malware installation.

It is always important to remain vigilant when handling email, even when it appears to come from a DePaul email address or contains references to DePaul staff member names. Email addresses and login portals can be spoofed and imitated. Compromised email accounts (e.g. if a fellow DePaul community member fell victim to phishing) are often used to target the community. Keeping your DePaul account secure helps keep the entire community secure.

Some indicators that these emails are malicious:
- Unsolicited document invite with no context
- Email address included does not belong to the staff member, and is not a DePaul email address (this can be further spoofed)
- Link to a non-DePaul website

Anyone with concerns regarding this scam can contact the Information Security Team at​