Recent phishing scams: Google Docs and QR codes

by Dylan Connors and Elizabeth Parsons, IT Services

IT Services has recently received reports of a few different security concerns. Please read carefully and remember: Stay vigilant!

Shared files via Google Docs and Microsoft Word

A new scam email has been circulating, and it does not look like the typical phishing scams we've seen in the past.

The sender is someone outside of Miami's organization sharing files via Google Docs and Microsoft Word that supposedly have something to do with a departmental reward. The subject of these emails may read as "Extra-Departmental Reward.docx.”

An important thing to note is that the name that has shared the file with you may be different from the name that is on the email. For instance, one example we intercepted said that "[person X] shared a document with you," but then it also said that "[person Y] shared a file with you."

The information security office is aware of this scam. Please do not respond to this message and do not open the Google Doc or Word Doc.

A notable example of what the email looks like:

An image showing an email in Google Drive. It says 'Christopher Wright (christopherwright[at] has invited you to edit the following document." The next line reads "[blurred text] shared a file with you." There is a button for a word document labeled "Extra-Departmental Reward.docx". Google has input a yellow alert box that says "Christopher Wright is outside your organization." A blue open button. At the bottom, it says "If you don't want to receive files from this person, block the sender from Drive."

With these emails, the scammer is trying to get you to open the document, which will lead to them collecting your personal information. At the bottom of the email, below the link to the Google Doc or Word Doc, there is the option to "Block sender from Drive," and we highly recommend that you do so.

Remember: If you receive an email that looks suspicious, it’s better to be safe than sorry—forward the message to, and the information security team will tell you whether it’s legitimate or a fraud.

A note about QR codes on campus

The Information Security Office has also been receiving reports that QR codes have been printed and posted around the Oxford campus recently, boasting titles like “Girlfriend Application” or “Boyfriend Application.” These are a scam; do not scan them with your device.

This is a good reminder to review best practices for QR codes:

  • Determine that the QR code is being used by a trusted organization. For instance, many Miami-affiliated groups use QR codes in physical fliers. Look for official branding.
  • Context is key. A fully designed flier with various information and a QR code is infinitely more trustworthy than a blank sheet with simply a title (e.g., “Girlfriend Application”) and a code.
  • When in doubt, just skip it. When using QR codes, Miami-affiliated groups should also be printing a short link to the website the QR code links to, so you can type it by hand into your device. If this isn’t available, consider simply skipping the information.