With the use of remote working and collaborative tools on the rise amid the Covid-19 pandemic, cyber criminals discover new ways to reach users. In a recent scam, hackers targeted hundreds of thousands of Google users with fake Google Drive notifications and emails to trick them into visiting malicious websites.

The cyber attack was a new type of phishing scam. A fraudster attempts to mislead the victim into clicking on a malicious link and giving up personal information or downloading malware. Since the start of the global pandemic, there has been a substantial increase in online scams, with a 667% increase in Covid-19 related email scams.

As phishing attacks become more common and sophisticated, being able to detect phishing attempts is business-critical. This article will examine what happened during the Google Drive Scam and identify how to prevent similar phishing attempts.

The 2020 Google Drive Scam: Here’s What Happened

As part of a Google Drive phishing scam, hackers sent push notifications and emails to thousands of Gmail users, which invited the recipient to collaborate on a Google doc. Users that clicked on the push notifications were taken to a document containing a large link to a malicious website (the emails also featured malicious links).

The notifications came from an official no-reply Google address, that made them look authentic and featured a range of messages written in broken English or Russian. For example, some claimed the recipient had won a prize, whereas other messages prompted recipients to review their financial transactions.

While phishing scams are nothing new, the use of push notifications caught many users off guard, which has led Google to focus on implementing new measures to identify malicious use of Google Drive notifications.

5 Lessons to Learn from the Google Drive Scam

The Google Drive scam offers some key learning opportunities for enterprises:

1.   Hackers can send push notifications

Fraudsters can weaponize push notifications, just like email and SMS messages. It’s important to be skeptical of unusual push notifications the same way you would be if you received any unsolicited online chat, email, or SMS message.

2.   Be wary of “official” no-reply addresses

The hackers ensured that victims received notifications from a no-reply Google address to gain the recipient’s trust. Scrutinizing emails for discrepancies such as spelling mistakes and suspicious links is vital for detecting scam emails from email addresses that appear convincing at first glance.

3.   Don’t click on suspicious links

Hackers will try any medium they can to mislead users into clicking on links to malicious sites, so if you see a suspicious link in an email or inside a Google Doc, don’t click on it so that you don’t get taken to a malicious site.

4.   Be wary of prize offers

One of the messages sent by the cyber criminals claimed that the recipient had won a prize. Any email or SMS message that claims you’ve won a competition you didn’t sign up for is most likely a scam.

5.   Watch out for spelling mistakes and foreign languages

The fraudsters wrote many of the Google Drive notifications and emails in broken English or Russian. Messages featuring broken English or foreign languages different from your local language indicate a scam.

How to Protect Your Data from Phishing Attacks: Tips for Cyber Security Leaders

Here is how cyber security leaders can prevent phishing attacks:

1.   Educate your employees about phishing threats

Educate employees and system administrators about phishing attempts, and use phishing simulation tools to train them to recognize scams in a real-world scenario to detect scams any time they come across one.

2.   Use security awareness training and phishing awareness training

Provide a mixture of security awareness training and phishing awareness training to ensure phishing and social engineering threats remain top-of-mind for employees. Recuring training helps to keep employees up to date with the latest threats. Use phishing simulations to expose your users to a variety of real-world scenarios and allow them to practice their phish detection skills.

3.   Train internal cyber security ambassadors to encourage phishing awareness

Designate a couple of your team members as cyber security ambassadors to monitor employee phishing awareness. Train ambassadors about the latest threats and encourage the use of phishing microlearning modules to train other staff members.

4.   Maintain constant communications

Send ongoing communications to employees about the latest phishing threats and provide guidance on cyber security best practices so they can keep your environment secure. For instance, you can send out an email warning about the new Google Drive scam and highlight the dangers of clicking on malicious emails and URLs.

5.   Keep all IT systems up to date and secure

Maintain your network defense by keeping all software, applications, and operating systems up to date. Regularly patching software and implementing malware protection or anti-spam software will reduce the number of vulnerabilities an attacker can exploit.

How to Protect Your Data from Phishing Attacks: Tips for Employees

Here are some essential tips to ensure your team stays safe from phishing scams:

1.   Don’t open emails from unknown senders

Never open messages sent by unknown senders. Whenever you receive a new message, inspect the sender’s name and email address to see if it’s someone you recognize. You can also verify the sender’s identity by contacting them in-person or over the phone.

2.   Don’t click on suspicious links

Be cautious of any links you receive from unfamiliar sources. Malicious links can take you to phishing sites and infect your device. Hovering your mouse cursor over URLs is a great way to check the destination URL. If you’re still unsure about the link’s validity, you can always visit the official website manually through the search bar.

3.   Inspect email text for suspicious elements

Carefully read the body text of all emails from unfamiliar sources and watch out for red flags like spelling mistakes, grammatical errors, and any language that promotes urgency. If the message originates from a trusted sender, validate the context and request for relevance. If in doubt, contact the sender via another means.


The Google Drive scam showed that even push notifications aren’t beyond the reach of cyber criminals. With hackers continually trying out new scams, cyber security leaders need to be proactive and equip employees with the knowledge to detect threats independently.

Regular cyber security awareness training is fundamental to staying up to date on the latest techniques scams used by fraudsters. Training based on real-life scenarios and phishing simulations dramatically reduces an employee’s chance of clicking on a malicious link.


Working From Home Cyber Safely Kit

Get your complimentary interactive course and resources for security awareness