new type of attack based on attachement in gmail on email when automatic download is enabled on the account and by using the "event" web interactions allowing to open malicious link or run attachement : mail title like "01fe00bb... @ 02AA.... .com" here.
case done on Samsung j5 2017. I reinitialize the mobile but i received 3 mails on a period of three month (2 in a day). I think the use case permit to send information (remote control) because i received few times after sms confirmation code for a service that i din't requested
i will connect adb shell to list package and check aout the issue.