
Issue 688328

Starred by 1 user

Issue metadata

Status: WontFix
Owner: ----
Closed: Feb 2017
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug-Security




Chrome Browser Hijack Vulnerability 2017

Reported by imfaizan...@gmail.com, Feb 3 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0

Steps to reproduce the problem:
1. While Google Chrome is open in the sign-in tab
2. A fake malware and redirect link gets the user to a malware site, and officially the tab shows its real google.com link
3. This kind of vulnerability can hijack the user and become a big payload

What is the expected behavior?
According to the expected behavior, the vulnerability is very harmful for Google users.

What went wrong?
What is wrong is that the sign-in and sync tab takes the user to malware created by the attacker, and on the login page the URL bar shows the real Google link.

Did this work before? Yes 02/03/2017 Chrome latest version

Chrome version: <Copy from: 'about:version'>  Channel: n/a
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 24.0 r0

This kind of vulnerability can hijack user information and hack

 
There aren't enough details here to triage this report, but it sounds like the gist of the issue is that, if you install a malware browser extension, or if your PC is infected with malware, that malware can execute spoofing attacks in the browser. 

There's really nothing any browser can do to prevent such attacks; further discussion here: https://www.chromium.org/Home/chromium-security/security-faq#TOC-Why-aren-t-physically-local-attacks-in-Chrome-s-threat-model-

OK, but I think it was a bug.

Labels: -Restrict-View-SecurityTeam allpublic
Status: WontFix (was: Unconfirmed)
Please see comment #1.
