Last night’s Google Docs phishing campaign affected 0.1% of Gmail users. Nearly one million people were affected by it, handing over their email access to attackers. Google has also started blacklisting malicious apps being used in the active phishing scheme. Do not click on that Google Doc link you might have just received in your email and delete it immediately even if it’s from someone you know. Anything linked to a compromised Gmail account is potentially at risk and even if you enabled two factor authentication, it would not prevent hackers to access your data.
Source: https://thehackernews.com/2017/05/google-docs-phishing-email.html