Gmail users are being warned about a new phishing scam that looks so legit, it's even fooling the experts.
It tricks you into giving the hacker your Google login details which they can then use to forward the scam to anyone in your email contacts.
Hackers send a PDF attachment asking you to 'check document' by logging into your Gmail account, they've even managed to copy style of writing from contacts your regularly contact so you don't think twice about it being suss.
If you click on the attachment, hopefully it will trigger a HTTPS security warning, but in some cases it doesn't.
The scam won't activate until you login to your Google account through the sent link, which looks the dodgiest. (see pic below)
If you get a similar email, the advice is to NOT CLICK any of the links inside and delete immediately.
Experts say the best way to avoid being a victim is to establish a two-factor authentication on your account and keep a look out for the prefix 'data:text/html' in the browser bar. (If it starts with that, it's a fake)
Written by: @amydrewsnews