The text of the message couldn't be simpler, and the embedded link that brings the user to the phishing page withstands a cursory glance since it begins with the google.com domain. TrendLabs' experts took the trouble to investigate and discovered that the phishing site is hosted on a remote site.
The phishing site resembles the real one, but I think regular users could tell that something is different. Unfortunately, it's probable that most of them would think that Google is behind the change.
In any case, when emails requesting you to update any type of account come your way, it pays to be extra careful and do a little search on the legitimate site regarding the issue in question instead of following the link.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.