Just minutes ago I had a client forward me a copy of an email that they had just received. The email looked like a standard email that you receive when someone shares a Google Doc with you. The email was from an @gmail.com address. It contained a link to “Open in Docs” and the link was legitimate. When clicking on the link, the following page was displayed: