It's so realistic it's even baffling IT experts. So, how can you avoid it?

Here's how the scam works:

The attacker sends an email to your Gmail account. That email will more than likely come from someone you know whose account has already been hacked using this same phishing technique. It may also include an attachment, something that looks like an image or similar.

You click on the attachment (image), fully expecting to get a preview. BUT instead, a new tab opens up and you are asked by Gmail to sign in again.

Your browser's location bar looks okay and you see nothing out of the ordinary, but as soon as you finish signing in, your account has been compromised.

Once they have access to your account, the attacker has full access to all your emails, both sent and received, and may download EVERYTHING.

Nothing is off limits once they're in, so please be aware, and be careful!
