![\"Email](\"https:\/\/ichef.bbci.co.uk\/news\/624\/cpsprodpb\/115BB\/production\/_95899017_image3.png\")
By granting permission, users unwittingly allowed hackers to potentially access to their email account, contacts and online documents.<\/p>\n
The malware then e-mailed everyone in the victim’s contacts list in order to spread itself.<\/p>\n
“This is a very serious situation for anybody who is infected because the victims have their accounts controlled by a malicious party,” Justin Cappos, a cyber security professor at NYU, told Reuters.<\/p>\n
According to PC World<\/a> magazine, the scam was more sophisticated than typical phishing attacks, whereby people trick people into handing over their personal information by posing as a reputable company.<\/p>\n This is because the hackers bypassed the need to steal people’s login credentials and instead built a third-party app that used Google processes to gain account access.<\/p>\n The Russian hacking group Fancy Bear has been accused of using similar attack methods, but one security expert doubted their involvement.<\/p>\n “I don’t believe they are behind this… because this is way too widespread,” Jaime Blasco, chief scientist at security provider AlienVault, told PC World.<\/p>\n Google said the spam campaign affected “fewer than 0.1%” of Gmail users. That works out to about one million people affected.<\/p>\n Last year, an American man pleaded guilty<\/a> to stealing celebrities’ nude pictures by using a phishing scam to hack their iCloud and Gmail accounts.<\/p>\n And in 2013, Google said it had detected thousands of phishing attacks targeting email accounts of Iranian users ahead of the country’s presidential election<\/a>.<\/p>\n Source: bbc.co.uk<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"