Recently, it has been observed that some individuals or sites send emails, like the following, in order to obtain unauthorized access to passwords to users’ emails (phishing).
As seen in the image, the sender has forged an email by Google to persuade the user to click on the link. If a user mistakenly clicks on this link, a site similar to Google’s home page will open, where the user is prompted to enter his user ID and password. Then user’s account information will be available to the malicious person or group and the cybercriminals will have access to their emails.
To prevent this from occurring, and to protect your privacy and passwords from identity theft, do not click on links in emails that you do not know the identity of the sender’s, or if you clicked on a link in the email and entered the site where you are asked to enter your username, password or other personal information, first check the address (URL) of the site, and if it is not a familiar one, refrain from entering your personal information. In addition, after logging in to sites that ask you to enter your user ID and password, always and at every step of the task, check your browser’s address bar and ensure that the address of the page is identical to the address of the site you are looking for.
You can read Google’ guide on this for more information.