CLOSE

Jefferson Graham shows how to change your security settings on Facebook, Twitter, Google and Microsoft for two-factor authentication, which security experts say is your best, quick defense against a hack.
USA TODAY

LOS ANGELES – This week many folks found a suspicious e-mail in their inboxes. They were invited to look at a Google Doc with a link that was in fact a phishing exercise to tap into our digital identities.

Luckily, Google got wind of it quickly, and disabled many of the features that were designed to steal information from you.

The incident puts a spotlight on Google Docs and how we collaborate with the free, Internet-based word-processing tool. It could be better. Way better. And much of the onus is on us—we need to do a better job of explaining to our friends what the link is, and why it should be opened.

Remember, look for the blue logo

Sharing a document with others via Google Doc lets you select friends or colleagues, and they in turn get an e-mail saying that you have been invited to “edit the following document.” Your recipients see the name of the document, and the familiar blue Google Docs logo. In the scam, they received something very similar.

Hackers are savvy individuals, but they usually get one or two details wrong. In the bogus e-mail, which was sent to over 1 million Gmail users, including this reporter, we were asked to “Open in Docs,” but an official e-mail request would have put in the Google Docs blue logo, and the actual name of the file we’re being invited to view.

But in both cases, the scam and the legitimate share, people get a form generated e-mail by a company that claims to be Google, under your name, and they have no idea whether it’s real or not. Most folks don’t even bother to put a message into their share e-mail.

And that’s something that’s scary to receive.  Who knows what’s really in there? What will happen to my computer if I open the link? (Hackers get access to your…