The scam, known as spear phishing, was used in a bid to get passwords of Gmail accounts so they could be monitored.
Via a small number of customised messages it tries to trick people into visiting a web page that looks genuine so users type in login names
Such attacks are often aimed at top officials or chief executives.
Such attacks are not new, say security professionals, but they are becoming more commonplace.
"What is happening more and more is the targeting of a couple of high value individuals with the one goal of acquiring valuble information and valuable data," said Dan Kaminsky, chief scientist at security firm DKH.
"The most interesting information is concentrated in the accounts of a few people," he said. "Attackers using information to impersonate the users is at epidemic proportions and why computer security is in the state it is in."
In March, security firm RSA was hit by a sophisticated spear-phishing attack that succeeded despite only two attacking e-mails being sent. The phishing e-mail had the subject line "2011 Recruitment Plan" and contained a booby-trapped spreadsheet.