Gmail users are being cautioned to remain vigilant against a new form of scam that conceals itself within email messages. There seems to be a method of tricking Google’s advanced AI Gemini service, potentially enabling hackers to insert fraudulent messages into users’ inboxes through the summary feature.
For those unfamiliar, Google now offers Gmail users a brief email summary using smart Gemini AI technology. This feature condenses lengthy messages into easily digestible bullet points for quicker comprehension.
While this enhancement is convenient, it has unveiled an underlying risk. According to reports by Bleeping Computer, cybercriminals could manipulate the system to display unauthorized text, such as false alerts within the email summaries.
One example showcases a warning message claiming Gmail passwords have been compromised, instructing users to call a provided number immediately. Mozilla experts have confirmed a flaw within the Gemini email summary feature that allows these hidden prompts to appear when messages are accessed.
Google has responded to this vulnerability, emphasizing its ongoing efforts to enhance platform security. A Google spokesperson assured that the company continuously strengthens its defense mechanisms through rigorous training exercises to combat adversarial attacks.
Despite Google’s proactive stance, there have been no reported attacks on users in this manner, and there is no widespread threat detected. Nonetheless, this incident underscores the persistent threat of email infiltration by cybercriminals, underscoring the importance of remaining vigilant.
It is crucial to remember that Google typically does not initiate contact with users. If there are concerns about compromised passwords, users are advised to directly access Google’s official platform to address security issues.
A key precautionary measure is to exercise caution when interacting with email content or AI summaries and to refrain from dialing any numbers unless their legitimacy as official hotlines is verified.