GroovyPost.com did a piece written by Jack Busch about his experience with an expired domain and hackers.
From the article:
I learned a hard lesson this week. Long story short, a spammer from Vietnam has hijacked my Google Apps for Domains (now called Google Apps for Business) account and is currently sending people emails from my old email address (email@example.com) complete with my signature, phone number and name and everything on it. Anthrocopy.com was an informal dba name I used years ago for my freelance writing business, but I slowly phased it out and let the domain expire. Now, someone else has moved into the place, hermit-crab style, and are probably contacting all my old business contacts about cheap Viagra.
I contacted Google about it and their official response was “I’m sorry to tell you that we cannot assist you with this problem since you don’t own that domain anymore.”
How Hackers Can Access Your Gmail by Buying an Expired Domain
Google Apps for Domains is different from a normal Gmail or Google Docs or Google Drive account in that it is associated with a domain that you may have registered from a company other than Google. Back in 2010, I registered Anthrocopy.com with Namecheap.com. After I wound down my freelance career to work as a fulltime technical writer, I let the domain expire. Somehow, the hacker found out that I had a Google Apps for Domain account, even though I no longer owned the domain. So, on June 20, 2014, somebody bought it through moniker.com, according to Whois.
Busch does a very good job at detailing his experience and is worth reading entirely.