The United States Computer Emergency Readiness Team (US-CERT) said Thursday it is aware of the phishing campaign affecting Google Docs users.

The campaign used spoofed email addresses to target users with emails purporting to share a document for collaboration. Once the targeted users accepted invitations, they were encouraged to allow the phishing program access to their email accounts.

Google said it has taken action to protect users, including removing the fake Google Docs pages and disabling the offending accounts.

The organization warns users to play a more proactive role in protecting themselves and their organizations from cyber threats, urging them to:

  • Be careful when clicking directly on links in emails, even if the sender appears to be known; attempt to verify web addresses independently (e.g., contact your organization’s helpdesk or search the Internet for the main website of the organization or topic mentioned in the email).
  • Exercise caution when opening email attachments. Be particularly wary of compressed or ZIP file attachments.
  • Immediately report any suspicious emails to your information technology (IT) helpdesk, security office, or email provider.