A few weeks ago one of my clients called me in a justifiable panic. Actually I had called her first because I received a strange invoice type of email from her and in our world, it's my company that sends the bills, not receives them. She said I was the second or third person to call her about this. Then the light bulb went on and she realized what had happened.
She had been targeted by someone and was sent the invoice email. Only thing is, upon opening it, the email immediately required her to login to her Google Docs account. Which she did. Which of course is the same login as her Gmail. Which started the ball rolling.
The attached malware and scripting got hold of all her contacts, and sent out the same email to them. It also enabled access to her account immediately and the hackers were able to do more damage. She did change her password within 10-15 minutes of the event, and also enabled 2 step verification. To be continued.
Next day, she calls me to say she is not receiving emails. And clients are not receiving her emails. Hmmm. I said text me your new password, and stay me with me to send me the 2 step verification code. That being done, I was able to take a look at her account.
The hackers had created filters in her Gmail, and configured one filter to open any incoming email addressed to her and delete it immediately (hence the "I'm not receiving any email" bit). Another filter was configured to delete the email upon send (hence the "No one is receiving emails from me" bit.)
I cleaned that up for her and she has been right as rain ever since.
Bottom line. You cannot be too careful these days. If you receive an email that has an attachment, and it's from someone you do not know, DON'T open it. If you do know who sent it and are not sure about the attachment, text them and ask first before opening. They'll explain about the attachment. If they don't know anything about an attachment, trash that email FAST.
ANY email that asks you to login anywhere, if you are not 110% sure about it, don't login. You are putting your credentials at risk.
In my client's case, she was already logged into her Gmail account. So, when you stop to think about it, the attachment should NOT have been asking her to login again. If it was a true Google Doc, it would have opened up for her without asking for her credentials.
Hackers are smart. They get access to your contacts, and if you are using email that's on your computer, such as Outlook or Microsoft email that comes bundled with Windows 10, you are at even more risk. There are self executing scripts that will go in and steal your stored passwords and contacts right off your computer and your browser.
That puts you at even more risk. Why? If you do any kind of banking online, or have stored passwords for memberships such as Amazon Prime, or anything similar, those hackers will have a field day and clean you out.