A new phishing attack was first seen in June 2016, and was observed again this past month. The attack relies on telling users they received an important or secure file, and they need to visit a web page to view it. To view the document, users have to enter their login credentials. The only thing working on the page is the login form that will record any login credentials that you enter. These type of attacks could be quite effective and harder to detect for what they really are.
Source: https://www.bleepingcomputer.com/news/security/clever-phishing-trick-you-need-to-be-aware-of/