A new article on Motherboard details how hackers used a spearfishing attack to get passwords and break into the email of members of the Democrat National Committee, namely John Podesta, and also Colin Powell. The attack came as a phoney message from Google that someone had their password and they should change the password immediately, along with a big "change password" button. Leo says that's one reason why people should never click on a link included in an email. Additionally, Google will never contact you directly with such a message.
Leo says that had Podesta and Powell turned on 2nd factor authentication on their Gmail accounts, this attack would've been much harder to pull off.