Skip to main content

Cornell University

Recovering From Google Docs Phishing Malware

How to recover from Google Docs phishing malware

This article applies to: Security & Policy

How do I know if I've been affected?

If you clicked "allow" when prompted by the "Google Docs" app to connect to your Google account, you have been affected. If you didn't click the link, closed the tab, or clicked "deny" then your account is safe. If you have any question, please follow the instructions below.

How do I recover my account safety?

  1. Google recommends running the following security checkup on your account:

To specifically check for this malicious application attached to your account

  1. Navigate to 
  2. Click on "Connected apps and sites"
  3. Click on "manage apps" to edit the apps that have access to your account.
  4. Find the app titled "Google Docs" and click the Remove button. Note: Doing this will not interfere with your ability to use the real Google Docs.
  5. The malicious application no longer has permissions to your account.

Finally, as an added precaution, please change your Cornell NetID password here:


To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.