Medium riskEmail Scams

Google Docs Sharing Scam

This scam sends an email saying someone shared a Google Doc or file with you, with an 'Open' link that leads to a fake Google login page or asks you to grant risky account permissions, aiming to capture your password or access your account.

Quick verdict

Risk level
Medium risk
Scam type
Document phishing scam
Main red flag
An unexpected 'document shared with you' email with an Open link that asks you to sign in again or approve account access.
What to do first
Do not click the link. Open Google Drive directly to check whether any file was really shared with you.

What this scam usually looks like

This scam sends an email saying someone shared a Google Doc or file with you, with an 'Open' link that leads to a fake Google login page or asks you to grant risky account permissions, aiming to capture your password or access your account.

Example message pattern

Example pattern — not a real report
Example pattern: 'A document has been shared with you. [Sender] has invited you to view "Invoice_Q2_Final". Open Document: [suspicious link]. You may need to sign in to view this file.'

This is a fictional, anonymised example used to illustrate the pattern. It is not a verified real message, and any names are used only to show how the scam typically reads.

Red flags to watch for

  • An unexpected file-share email from someone you do not normally work with
  • An Open link that does not lead to the genuine docs.google.com or drive.google.com address
  • Being asked to sign in again or approve permissions to view a simple document
  • A vague or generic file name with no context about why it was shared
  • Pressure to open the document quickly or before it 'expires'

What to do

  • Open Google Drive or Docs directly rather than using the link in the email
  • Hover over the link to check the real address before trusting it
  • If unsure, contact the sender through a separate, known channel to confirm
  • Report the email as phishing in your mail app and delete it

If you already clicked or replied

  • Do not enter your password on the linked page; close it instead
  • If you signed in, change your Google password right away from the official site
  • Review and remove any unfamiliar apps with access in your Google security settings
  • Turn on two-step verification and check for forwarding rules or logins you do not recognise

What not to do

  • Do not enter your Google password on a page reached through the email link
  • Do not approve permission requests for apps you do not recognise
  • Do not assume it is safe just because the sender's name looks familiar

Similar scams

Medium risk Email

Fake DocuSign Email Scam

This scam sends a fake 'you have a document to review and sign' email with a 'View Document' link that leads to a credential-harvesting page or to malware instead of a genuine document.
High risk Email

Microsoft Account Email Scam

This scam sends a fake Microsoft or Outlook email about an unusual sign-in or an account about to be closed, linking to a fake Microsoft login page that captures your email and password.
High risk Text Message

Two-Factor Code Text Scam

In this scam a fraudster triggers a genuine two-factor or one-time code to your phone, then poses as support staff or a contact to pressure you into reading it back so they can take over your account.

Frequently asked questions

How can a Google Docs share be a scam?
Scammers copy the look of a real share notice but link to a fake login page or a permission request. The aim is to capture your password or gain access to your account.
It looks like it came from a contact. Could their account be hacked?
Yes. Compromised accounts are often used to send these emails, so a familiar sender name does not guarantee the message is safe. Confirm through another channel.
What is a risky permission request?
Instead of a password page, some versions ask you to grant an app access to your email or contacts. Approving it can let attackers read your account without your password.
How do I check if a file was really shared?
Open Google Drive directly and look under 'Shared with me'. If nothing matching the email appears there, treat the message as suspicious.

Last reviewed: June 2026

Disclaimer: This page provides educational information only to help you recognise common scam patterns. It is not legal, financial, cybersecurity, or law enforcement advice, and it does not confirm whether any specific message, company, or person is genuine or fraudulent. When in doubt, contact the official organisation directly and report concerns to your local authorities.