Security experts warn this kind of attack represents “the future of spoofing”
Google has warned users to look out for malicious emails. These emails may ask users to click on a link to Google Docs. A large number of people complained their accounts had been hacked this way. Google has taken steps to protect users from the attacks. And they have done this by disabling offending accounts and removing spiteful pages.
The attack used a similar novel approach to spoofing – sending email that falsely claims to be from a legitimate organization. This is how they gained access to user accounts without needing their passwords.
Users who granted access to the bad app also gave hackers access to their Google account. Which include emails, contacts and online documents. Google’s abuse team is working to prevent this kind of spoofing from happening again.