Attackers are attempting to persuade email recipients to open attachments that contain a Trojan by claiming to be from “The Google Accounts Team.”
A new email supposedly from “firstname.lastname@example.org” with the subject “Suspicious sign in prevented” is going out en masse saying a hijacker has attempted to access the mail recipient’s Google Account.
The message says the sign-in attempt ended up prevented but asks users to refer to the attached file for details of the attempted intrusion.
However, instead of containing information such as the IP address of the log-in attempt, the attached zip file contains a Windows executable file that will install a Trojan onto a victim’s system.
While Google does sometimes send emails like this to users, they never contain attachments; users that receive those types of emails should delete them.
The Trojan is currently only detected by half of 42 antivirus programs used by the online virus scanner service, said researchers at VirusTotal.