You got me worried, so I did some testing. If you go to a link for an existing document (because it was leaked to you, or you brute-force guessed) and are signed in as a user that doesn't have access, google pops up a box offering to let you request permission to see it.
If you click 'request access' google sends the mail to the file owner, but doesn't tell you who that is, or anything about the document. The mail the file owner receives comes from google, not the spammer (unless forged, natch, but that is unlikely given the scenario).
So, the gmail address you got in the request is a real address belonging to the spammer, you could report it to google if you were feeling energetic. It doesn't appear they actually leaked any information.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
(no subject)
Date: 2012-12-07 05:18 pm (UTC)If you click 'request access' google sends the mail to the file owner, but doesn't tell you who that is, or anything about the document. The mail the file owner receives comes from google, not the spammer (unless forged, natch, but that is unlikely given the scenario).
So, the gmail address you got in the request is a real address belonging to the spammer, you could report it to google if you were feeling energetic. It doesn't appear they actually leaked any information.