Phish Files
Abstract Aliens On Flying Saucers Northern Lights Lighthouse Mountains Water Tree Sun Background Gradient Unidentified Flying Object Ufo Stars Vector Design Style Landscape
Phish Files Articles
March 13, 2026

Shared Documents: Helpful Tool or Hidden Risk?

Posted in: News

banner that says breaking news with a fish in a bowl.

Shared documents make campus life easier—students work on group projects, faculty share research, and staff coordinate across departments. Tools like Google Docs, Microsoft 365, and PDFs are essential, but attackers know this too. They exploit shared files to trick you into clicking malicious links, sharing sensitive info, or granting dangerous permissions.

Understanding how these attacks work helps you stay protected.

Types of Shared Documents

You might encounter:

  • Google Docs, Sheets, Slides – real-time collaboration

  • Microsoft Office files – Word, Excel, PowerPoint

  • PDFs – reports, notices, or official forms

  • Other cloud files – Dropbox, Box, or university platforms

Tip: All formats can be exploited. Knowing what you’re opening is the first step to staying safe.

Watch for These Risks

  • Check who the document is coming from: Even if the sender’s name looks familiar, always verify the email address. Phishers often use external accounts that mimic internal ones.

  • Unexpected shares: A file you weren’t expecting can be a trap.

  • Urgent language or instructions: “Act Now” or “Verify Immediately” is a common tactic.

  • Malicious links or credential-stealing forms: Some documents include links or attachments asking for your Montclair email and password. Providing credentials this way gives attackers full access to your account.

  • Fake collaboration invites: Invitations from unfamiliar emails or vague messages can be malicious.

  • Permission abuse: Some requests ask for broad access to files or accounts—only approve trusted apps.

Example: A faculty member received a “Total Rewards Compensation – Montclair State University.pdf” Google Doc from an external-looking email. The link led to a credential request. Verifying the sender with IT prevented account compromise.

Stay Safe and Collaborate Smart

  • Verify first: Contact the sender via a trusted method before opening unexpected files.

  • Use official platforms: Google Workspace, Microsoft 365, and university portals are safer.

  • Limit and organize access: Share with only those who need it, set view-only when possible, and use clear file names.

  • Track versions and add context: Include notes explaining the file’s purpose.

  • Review permissions regularly: Remove unknown collaborators or unneeded apps.

Example: A staff member shared a draft exam, noted “working draft, not final,” and set view-only access—avoiding accidental edits or leaks.

If You Think You’ve Interacted With a Malicious Document

  1. Change your password immediately.

  2. Check Duo for any unauthorized codes requests.

  3. Use the Phish Alert Button to report it directly to Information Security.

  4. Review your shared documents and remove unknown collaborators or apps.

Quick action protects both your account and the campus community.

Final Thoughts

Shared documents are powerful tools for learning, research, and daily operations. By staying alert to suspicious links, unexpected invites, and unusual permissions—and reviewing access regularly—you can collaborate safely.

Cybersecurity is a shared responsibility, and small, careful actions make a big difference.

For More Information

National Cybersecurity Alliance | Document Sharing Security Tips: How to Stay Safe with Shared Docs

Fortinet | 2025 Insider Risk Report: The Hidden Cost of Everyday Actions

Medium | Is Your File Sharing Really Secure? 5 Overlooked Data Leakage Risks in Remote Work

Google | Understand the basics of privacy in Google Docs, Sheets, Slides & Vids