Ref: https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/

What you need to know

A new highly effective phishing technique targeting Gmail and other services has been gaining popularity during the past year among attackers. Over the past few weeks there have been reports of experienced technical users being hit by this. This attack is currently being used to target Gmail customers and is also targeting other online services.

[Basically, the location bar of your web browser is used to trick you into disclosing your account credentials by displaying an actual login page’s URL that is prefaced by something sneaky.]

How to protect yourself against this type of phishing attack

You have always been told: “Check the location bar in your browser to make sure you are on the correct website before signing in.” To protect yourself against this new phishing technique, you need to change what you are checking in the location bar. Read more…

[Please read the article posted on WordFence.com for the complete story. Also note that while Middlebury has a Google Apps for Education (or G-Suite) instance, our sign-in page is a Middlebury-branded and not a Google-branded. Still, this is important info for protecting your personal Gmail account and other services that this technique may try to exploit.]