Hacker Helps Google Add Orkut to Gmail
The fake service, Gmail Plus, which purports to be Gmail + Orkut, doesn't actually capture your user ID and password. Instead, it delivers a "You (could have) gotten served" message when you enter information into the sign-in form.
For safety's sake, if you test his exploit, don't enter your real data.
Eric Farraro discovered the exploit while adding a legitimate Google search box to a Web page at work.
Farraro notified Google of the exploit, and Google has since removed the Public Service Search log-in.
Google has been the target of phishing exploits before. In July, Websense security labs reported that phishing attacks had increased in sophistication after the debut of Google Checkout.
Don't forget to check out this Google research paper from January titled "Limits to Anti-Phishing."