The attached file is deceptively named Google_Accounts_Alert-6284-S44-8098.zip, and actually contains an executable file – a backdoor Trojan that opens the way for other malware to be delivered to the victim’s machine, and is currently detected by only half of the AV solutions used by VirusTotal.
Emails purportedly sent by the Google Accounts Team warning about a prevented “suspicious sign- in” have been spotted targeting Google users.
“Someone recently tried to use an application to sign in to your Google Account,” says in the email. “We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt in attached file.”