Google Docs Phishing Alert

Over the last week, the Enterprise Technology & Services (ET&S) Cybersecurity team detected over 600 fake shared Google documents phishing messages. Here are the message details (scroll to the bottom for a screenshot) and remediation steps if you received this message and clicked on a link:

  • Subject Line - This is specific to the department or group to which it is addressed. For example, “Fall Communication Arts & Sciences Review.”
    • Please note: The ET&S Help Desk will never share documents on behalf of other departments.
  • Sender Information – These documents are supposedly shared by the IT HelpDesk from a Gmail address and “Help Desk” is misspelled.
    • Please note: The ET&S Help Desk will never send messages from a non-USNH/Gmail account.
  • Message Warning – These messages contain an “external warning” banner to indicate that it comes from an external source.

What to do if you responsed/clicked on a link in the message
If you clicked on the link in a message like this one, USNH Cybersecurity strongly recommends changing your password via the MyAccount password reset tool as soon as possible.
To do so, follow these steps:

  1. Go to
  2. Sign in with your institutional username and password (for example, abc123
  3. Select ‘Change Password’ and follow the steps.

If you are unable to access the MyAccount portal, please call your campus ET&S Help Desk:

  • GSC - 1-888-372-4270
  • Keene State - 603-358-2532
  • Plymouth State - 603-535-2929
  • UNH - 603-862-4242

USNH Cybersecurity is working to remove the message from the mailboxes of those who received it.

Thank you to those who reported these messages as Phishing. If you receive messages you believe to be Phishing attempts, please forward the message(s) to or report the message by using the Report feature in Outlook. If you are unsure if a message may be phishing, please reference the USNH PhishBowl or contact

Google Docs Phishing Message Screenshot