Back to Announcements

Beware of Fake Google Drive Invitations

All Campus, LITS, Campus Advisory posted



Before you accept an unsolicited Google Drive email invitation, make sure it is not from a scammer trying to install malware or steal your login credentials. These invitations can make it through spam defenses because they look like legitimate notifications. Learn how to spot them.


Scammers utilize Google Drive’s collaboration feature to send push notifications from Google itself to deliver malicious content (see example below) to your email inbox. The email may contain a non-Trinity URL, a OneDrive notification, and/or a link to Google workspace.

The scammers’ goal is to get you to open a Google doc containing a link to either malware or a fake login page to capture your credentials.

Indicators of Phishing

  • Suspicious document names such as DC.docx, Evaluation.docx, EVALUATION FORM.docx, Faculty Evaluation.docx, Evaluation.pdf, etc.
  • The name and email of the person sharing the document does NOT match the name or email of the purported Trinity person sharing the document
  • Non-standard English grammar and spelling errors
  • Contains a link to a Docx or PDF — always a red flag!

What to do if you receive one of these:

  • Do not reply, click the link(s), log in, or approve an MFA request.
  • Mark the email as phishing using our newly deployed Phish Alert Button (PAB) within Outlook. Learn More
  • If you are unsure if it is a phishing email, please forward it to [email protected].