Email phishing email tricked users into giving up access to their Gmail accounts. Phishing emails circulated for about three hours before Google stopped them. Dummy app called Google Docs asked users for permission to access their Gmail account. The hackers abused the OAuth protocol, a way for internet accounts at Google, Twitter, Facebook and other services to connect with third-party apps. Security experts said Tuesday’s attack probably wasn’t from Fancy Bear, a shadowy group that many suspect works for the Russian government.”]