Gmail users are being cautioned to remain vigilant as a new type of scam has emerged inside email messages. Hackers have found a way to deceive Google’s Gemini AI service, potentially adding fake messages to the summary when users open their inbox and use the summaries feature.
For those unfamiliar, Google now offers Gmail users a quick email summary using smart Gemini AI. This feature condenses lengthy messages into bullet points, making them quicker to read and comprehend.
Despite its convenience, this upgrade also poses a hidden risk. According to reports by BleepingComputer, cybercriminals could exploit this system to display extra text, such as false warnings, within the summary.
For instance, a warning message claiming that the user’s Gmail password has been compromised might appear, along with a request to call a provided phone number and reference code.
Mozilla experts have verified a potential vulnerability in the Gemini email summary feature that allows malicious actors to insert hidden prompts visible upon message opening.
Google has acknowledged the flaw and assured users of ongoing efforts to enhance platform security. A Google spokesperson stated that they are reinforcing defenses through various exercises to safeguard against such attacks.
The tech company emphasized that they have not received reports of users falling victim to this tactic, nor is there evidence of a widespread threat. Nevertheless, this incident highlights the persistent threat of email inbox infiltration, underscoring the importance of remaining vigilant.
Users are advised never to trust unsolicited emails or AI summaries and to refrain from calling any numbers unless they are certain of their legitimacy. If there are concerns about compromised passwords, it is recommended to access Google’s official platform to make necessary changes.