Even the most security-conscious email account holders have been falling for the new Gmail phishing scam. This advanced hack involves phishing for user email authentication information by tricking recipients into clicking on an attachment and re-entering their Google login credentials.
It works like this: Once someone has fallen for the attack, hackers scan the victim’s account and find the best attachment to email to others from that address. For example, the attachment could be an update on a document you were collaborating on earlier that week with a co-worker. This type of advanced attack works so well because the attachment seems legitimate.