Guru's Verification engine ensures consistency, confidence, and trust in the knowledge your organization shares. Learn more.

SCAM ALERT: Recent File Sharing Scams

DATE: 08/02/2025
EMAIL SUBJECT: [Name] has shared a file with you
COMMUNICATION CHANNEL: Email
SENDER: Various

Note: Read more about file and document sharing scams in the July CyberSafe Monthly newsletter.

Phishing Message

The Information Security & Privacy Office (ISPO) has seen a significant increase in phishing campaigns posing as document-sharing requests from other universities. These emails often claim someone is sharing a Google sheet, form, document, or PDF with you, often related to an application, payment, or invoice.

Example 1

3.17.2025 Phishing Scam.png

Example 2

Document Sharing Phishing Scam.png

Please see below to read the full text of the messages.

Message Text & Red Flags

Message Text

Message 1:

A. Walker shared a file with you

Here's the document that A. Walker shared with you

This link only works for the direct recipients of this message

OPEN

Message 2:

<embedded image failed to upload>

Brandon V. shared a file with you

Here's the document that Brandon V. shared with you.

Red Flags

🚩 Do you know the person sending the file to you? These scams operate through unexpected sharing. If you don't know the sender, don't click and reach out to the ISPO instead. If you do know the sender, then reach out to them separately to verify that the document is legitimate.
🚩 The emails are from people rather than systems—legitimate sharing notifications from Google, Microsoft, and other platforms will come directly from their official domains.
🚩 The email domains used to share these documents don't always match the name of the sender or the institution it claims to be from.

TIP: To verify the legitimacy of a Google Drive file share notification, first check the sender's email address and the content of the notification. Legitimate Google Drive notifications come from drive-shares-dm-noreply@google.com. Be wary of grammatical errors, unexpected attachments, or requests to enter personal information. Always verify the notification within your Google Account's security settings, rather than clicking on any links directly in the email.



If you received this email, do not engage with the email— do not reply, download attachments, or click on links. Please forward the email to IT Central at ITCentral@newschool.edu to report the phishing scam and then delete the email from your inbox.

Return to Phish Bowl

You must have Author or Collection Owner permission to create Guru Cards. Contact your team's Guru admins to use this template.