Information Services > Security > News & Updates > "DC.docx" Google Doc Phishing - 09/24/21

"DC.docx" Google Doc Phishing - 09/24/21

Screenshot of malicious email:

A screenshot of a malicious email. The email attempts to trick recipients into reviewing a malicious document by clicking on a link to log into a Google Document.

On September 24th, 2021, phishing originating from external accounts was sent to a variety of DePaul staff members. This phishing variant has been seen occasionally over the past couple of years, and typically targets Athletics personnel, but can be directed at other departments.

The phishing email encourages recipients to click on a link and sign-in to a malicious Google Doc, under the guise of being invited to edit the document. The malicious email often attempts to use the name of staff members at DePaul. The Google Doc is malicious and may lead to credential harvesting and/or malware installation.

It is always important to remain vigilant when handling email, even when it appears to come from a DePaul email address or other official looking email address. Email addresses and login portals can be spoofed and imitated. Compromised email accounts (e.g. a DePaul email account owned by an individual that fell for phishing) are often used to target the community. Keeping your DePaul account secure helps keep the entire community secure.​

Some indicators that these emails are malicious:
- Unsolicited document invite with no context
- Email address included does not belong to the staff member, and is not a DePaul email address (this can be further spoofed)
- Link to a non-DePaul website

Anyone with concerns regarding this scam can contact the Information Security Team at​