Accessibility Navigation:


ALERT: Google Phishing Scam Hitting Campus

Davidson, along with the internet at large, is experiencing a major phishing attack that is targeting Google accounts. This presents a very serious and immediate risk to your privacy, your data, and possibly to Davidson College’s data. Please read this message in full and contact Davidson ITS (704-894-2900) with any questions.

The phishing email looks like it comes from someone you know and may be sent to with a copy to you. It invites you to view a Google Doc. See an example below:

Text: Someone has shared a document on Google Docs with you

The link you follow takes you to either a Google sign-in page or a Google access rights/permission page, depending on whether you are logged into a Google account on your device. While these pages are actual Google pages, they invite you to grant access to a malicious application.

If you clicked the “Allow” button as shown in the image below, a malicious party will have access to your email account and Google Drive. It is very important that you DO NOT grant access or click “Allow.”

 Text: "Google Docs would like to:"

If you did click “Allow” —

  1. Visit to view which applications you have granted access to.
  2. Click on the name of every application to see the date you granted it access. If you granted access today or in recent days, press the Remove button. To be safe, you may Remove access to any or all applications.
  3. If you have a personal account and a Davidson account, use the icon in the upper-right hand corner of the page to switch to the other account. Remove access to malicious applications or, if unsure, to all applications.

If you granted access to a malicious application from your Davidson Google account, you must contact Davidson ITS at 704-894-2900 to inform us. An ITS staff member will need to evaluate the data in your Google Drive and Gmail.

Kevin Davis
Deputy CIO
Information Technology Services