>>But I wonder, is this a personal attack, or is someone trying to systematically steal thousands of accounts for some reason.
>
>Good question. Actually I used the Gmail email in a non-financial web site so I am not worried much. The email looks kind of legitimate. As if someone tried to change a password and Google says, "we will send you an email with the link where you can change the password." And, obviously, since it is my email, the message went to me. But it could be bogus too, never know. I use this Gmail email in a personal blog I write in Spanish (or used to). So good luck to them to getting anything useful out of it <g>.
There are always a few very simple things if it looks almost right but you aren't sure: look at the source. Ctrl+U in Thunderbird/Mozilla/probably Safari too, and rightclick+ViewSource in OL, maybe - find it, I never really used it much.
Then in the source, find the actual URL of the place where it intended to send you. Not the URLs of the icons, backgrounds etc - 99% of these are usually legitimate. Concentrate on the URL where you'd have gone if you clicked.
If this URL is malformed (not something.morething.com or xxx.yyy.zzz.qqq but containing a bunch of stuff and then having a @ somewhere in the middle) it's a safe bet that it's not safe. It's scam/spam/sham.