"Someone recently tried to use an application to sign in to your Google Account," says in the email. "We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt in attached file."
The attached file is deceptively named Google_Accounts_Alert-6284-S44-8098.zip, and actually contains an executable file - a backdoor Trojan that opens the way for other malware to be delivered to the victim's machine, and is currently detected by only half of the AV solutions used by VirusTotal.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.