A large number of password hijack spam got through the gmail spam filter this morning. All from known addresses. It is a mail with one or two random words and 'I've sent you a message' and a 'view message' link. Clicking 'view message' takes you to an (accurately fake) Google account login page with a session expired message. If the user enters a password here the attacker has now has it.