Attack gmail trickks working advanced for 2014

Two days ago I received a
strange email from my friend. It
looked like spam, and after a
minute of analysis it was clear
that his Gmail mail box was
hijacked.
Apart from the fact that it was
sent from my friend’s email
address, all other signs were
typical for malicious spam. The
message didn’t have subject, the
recipients were hidden, and the
email body contained only the link
with no message. Today I
received very similar email from
another friend, again from Gmail
and again with the same
characteristics, so I decided to
investigate what’s going here.
Both links were hosted on .net
domains, and the URL structures
were very similar when both
ending with /google.html. Both
links were supposed to look
trustfully as they were using
words “plugins”, “components”,
“google” – so typical for social
engineering.