Hidden Google Drive Scam

Cybercriminals have learned to get around filters that flag suspicious-looking emails by using common platforms that not all filters will flag.

Their latest scam has been using hidden Google Drives. They use Google Drive’s share feature to distribute their content and many times the email filter won’t recognize it as suspicious, since it is a well-known platform.

Ways they use this tactic is by sending a notification to users from DocuSign saying we have an invoice for you to review and sign. This email includes and View Document button which will take you to a fake login page. This login page is really a hidden Google Doc meant to look like DocuSign so it will trick people into filling out their login credentials. As soon as the login is filled out, it is sent right to the cybercriminals.


  1. Find the transaction elsewhere like on a bank statement when you receive an email claiming to include an invoice.
  2. Never click on a link or download from an email you weren’t expecting.
  3. Hover over links in email to see the URL they go to.