Urgent warning for 1.8 billion Gmail users: ‘Hidden danger' steals passwords in ways even AI can't detect
A 'hidden danger,' which is stealing passwords, has prompted Google to issue an urgent warning for more than a billion Gmail users. The new type of attack has been flying under the radar, attacking 1.8 billion Gmail users without them even realizing it. As the danger looms over Gmail accounts, users need to make sure they follow the right instructions to combat the malicious activity.
According to The Sun, hackers are tricking users into giving their credentials by using Google Gemini, the company's built-in AI tool.
According to cybersecurity experts, bad actors are sending emails with concealed instructions that cause Gemini to generate fake phishing warnings. These tricks deceive users into giving away personal account information or visiting harmful websites. The emails are typically crafted to seem urgent and sometimes appear to come from a business.Hackers will construct these emails by setting the font size to zero and the text color to white before inserting prompts invisible to users but picked up by Gemini, The Sun reported.GenAI bounty manager Marco Figueroa showed how a dangerous prompt could make users receive a false alert claiming their email account was compromised. These warnings would prompt victims to call a fake "Google support" phone number to resolve the issue.
Experts have given multiple recommendations to users to help them fight these prompt injection attacks by acting immediately. The first suggestion asks the companies to configure email clients to detect and neutralize hidden content in message bodies. This move can help counter hackers sending invisible text within emails.Security experts also advised users to use post-processing filters to scan inboxes for things like "urgent messages," URLs, or phone numbers. This step can strengthen defenses against threats.The scam came to light following research led by Mozilla's 0Din security team, which showed proof of one of the hostile attacks last week. The report explained how hackers tricked Gemini into displaying a fake security alert. It warned users their password had been stolen, but the message was fake and designed to steal their information. The trick works by hiding a secret size-zero font prompt in white text that matches the email background.So when someone clicks "summarize this email" using Gemini, the tool reads the hidden message, not just the visible bit. This type of manipulation is called "indirect prompt injection," and it takes advantage of AI's inability to tell the difference between a user's question and a hacker's embedded message.AI can't distinguish between the two, since both simply look like text, and it will usually follow whichever appears first, even if it's malicious. Since Google has yet to patch this way of scamming victims, hackers can still exploit this technique. Sneaking in commands that the AI might follow will remain an effective way to leak sensitive data until users are properly protected from the threat.
AI is also integrated into Google Docs, Calendar, and third-party apps, increasing the potential risk. Google has reminded users during this scamming crisis that it does not send security alerts through Gemini summaries.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Indian Express
3 hours ago
- Indian Express
India-US trade deal: Commerce Ministry advised against accepting ‘unilaterally framed obligation' on digital taxes
Legal advisers to the Commerce and Industry Ministry have suggested that Indian negotiators dealing with their US counterparts should not accept Washington's proposal that prohibits India from reintroducing equalisation levy-style taxes, such as the 'Google tax', in the future, a person aware of the negotiations told The Indian Express. The advice was offered on the grounds that the provisions drafted by the US did not state that both parties should refrain from applying digital taxes on each other. Rather, they sought a legal commitment only from the Indian side and were seen as a 'unilaterally framed obligation', the source said. While the US offers a range of digital services in India and American tech companies have long lobbied against any taxes on such services, India also exports a wide range of digital services to the US — particularly in the IT sector — generating the majority share of its total services exports earnings from the US market. Another concern raised with the government was that agreeing to such unilateral provisions could set a risky precedent for future trade negotiations, where similar demands could be made by other trading partners during talks with New Delhi, thereby complicating future negotiations. In a move to assuage US concerns about India being a high-tariff nation, the Central government in March proposed abolishing the equalisation levy on online advertisements as part of the amendments to the Finance Bill, 2025. An equalisation levy is a measure to 'equalise' the tax treatment of resident and non-resident e-commerce companies. As part of the 35 amendments to the Finance Bill, 2025, the Centre proposed removing the 6 per cent equalisation levy (EL) it charges on digital ads, effective from 1 April 2025. A query emailed to the Commerce and Industry Ministry remained unanswered till press time. 'Digital taxation is typically discussed outside the framework of a trade agreement. It is a nation's sovereign right to decide on such matters, and India should reserve that right. Bringing it under the scope of a trade agreement weakens your position. We need to examine the digital trade chapters of the US and Australia, which India must study carefully. Australia has provided the US with a carve-out that allows for protections for US services. We also need to secure our IT/ITeS and technology exports from taxation in the US, our largest market' Arpita Mukherjee, professor at Indian Council for Research on International Economic Relations (ICRIER) said. Notably the US has forced Indonesia to several steep terms on digital trade. Indonesia has committed to address barriers impacting digital trade, services, and investment, a White House statement said. 'Indonesia will provide certainty regarding the ability to transfer personal data out of its territory to the United States. Indonesia has committed to eliminate existing HTS tariff lines on 'intangible products' and suspend related requirements on import declarations; to support a permanent moratorium on customs duties on electronic transmissions at the WTO immediately and without conditions; and to take effective actions to implement the Joint Initiative on Services Domestic Regulation, including submitting its revised Specific Commitments for certification by the World Trade Organization (WTO),' the White House statement read. The United States Trade Representative (USTR), in its report on non-tariff barriers, had earlier cited the 6 per cent equalisation levy as a discriminatory measure against US firms. The USTR report said that most digital services taxes are designed in ways that discriminate against US companies, often singling out American firms for taxation while excluding domestic companies engaged in similar lines of business. The US has also raised concerns about digital services taxes with a number of trade partners, particularly the EU. 'The disproportionate capture of US firms by the EU's Digital Services Act (DSA) and Digital Markets Act (DMA) is also noted as undermining US competitiveness due to increased compliance costs not borne by EU competitors,' the USTR said. Differences between India and the US assume significance as New Delhi continues to face the risk of 26 per cent reciprocal tariffs. After Indian negotiators completed another round of discussions in Washington last week, a US team led by the US Trade Representative for South and Central Asia, Brendan Lynch, is expected to visit India in mid-August to continue negotiations for a trade agreement. While India and the US have agreed on a wide range of tariff lines, the negotiations — which currently only involve market access for goods — remain stuck over sensitive sectors such as agriculture and automobiles, which are key job creators in India. Ravi Dutta Mishra is a Principal Correspondent with The Indian Express, covering policy issues related to trade, commerce, and banking. He has over five years of experience and has previously worked with Mint, CNBC-TV18, and other news outlets. ... Read More
Economic Times
3 hours ago
- Economic Times
Sam Altman throws humans under the bus, says OpenAI will wipe out entire job sectors — this one tops the list
What exactly did Sam Altman say about job loss? Live Events Is AI really ready to replace human workers? How are companies and consumers reacting? FAQs (You can now subscribe to our (You can now subscribe to our Economic Times WhatsApp channel is once again raising concerns, but this time they pertain to jobs. During a recent trip to Washington, Sam Altman made a bold prediction that artificial intelligence will likely replace entire categories of human labor, beginning with one specific comments come amid growing public concern about the unchecked rise of artificial intelligence in everyday industries. Altman's remarks raise fresh concerns about AI's economic Sam Altman predicts that AI will completely replace job sectors such asThe CEO of OpenAI is expressing widespread concerns that artificial intelligence could have disastrous consequences for the human labor market by threatening to eradicate entire job claims that because AI agents are faster and more efficient, many roles will be "totally gone." Critics warn that such automation could backfire, as customers still require human assistance."Some areas" of the labor market will be "just like totally, totally gone" as AI agents replace them, Altman told Michelle Bowman, the vice-chair for supervision at the Federal Reserve, during his most recent visit to Washington, DC, as per a report by service positions were noted by Altman as a "category where I just say, you know what, when you call customer support, you're on target and AI, and that's fine.""Now you call one of these things and AI answers," said the man. "It's like a really intelligent, strong individual. Both the phone tree and transfers are absent. It has all the capabilities of a customer service representative at that the remarks, the billionaire, who likely hasn't had to interact with a customer service representative over the phone in a long time, essentially dismissed human involvement.'It does not make mistakes," he added. "It's very quick. You call once, the thing just happens, it's done,' he said, as quoted in a report by debatable if OpenAI's technology truly approaches that objective. Critics claim that AI frequently substitutes an unreliable and vulnerable alternative for human are also pragmatic considerations: businesses that have tried to replace human labor with unproven AI have already received a great deal of negative this point, businesses are acknowledging that they are reversing their pledges to eliminate human Siemiatkowski, the CEO of the fintech company Klarna, changed his mind after boasting that an AI assistant could perform 700 jobs. He stated that "from a brand perspective, it's so critical that you are clear to your customer that there will always be a human if you want."According to a study conducted last year, most consumers oppose businesses using artificial intelligence (AI) for customer technology is causing chaos and frustration due to the obvious issues with the AI models that are currently available. For example, a customer discovered earlier this year that Cusor, an AI-powered software coding assistant, was inexplicably logging them were informed by an AI-powered customer service representative that it was "expected behavior" under a new login policy, but the glitchy AI later revealed that this was a is envisioning a future that has not yet been created and may or may not come to pass. He wants to see it, though, because he stands to gain a lot as the head of one of the most prosperous AI firms in the Altman says customer support roles are among the first to be wiped out by Altman believes AI will eventually outperform humans in speed, accuracy, and convenience, but critics aren't convinced.
The Hindu
4 hours ago
- The Hindu
Gujarat approves action plan for Artificial Intelligence implementation in governance
Chief Minister Bhupendra Patel has approved the Action Plan for Implementation of Artificial Intelligence [AI] (2025–2030), setting the stage for the integration of AI into Gujarat's governance framework over the next five years. The plan aims to improve service delivery, strengthen administrative processes, and apply AI tools in sectors such as healthcare, education, agriculture, and finance. This move aligns with the broader goals of Viksit Gujarat@2047 and the national mission of Viksit Bharat@2047, officials said. Prepared by the Department of Science and Technology based on recommendations from a 10-member AI Taskforce Committee, the plan will serve as a roadmap to equip government departments with AI systems and capabilities. It also supports the Centre's broader objective, under the leadership of Prime Minister Narendra Modi, to expand the use of artificial intelligence in public policy, administration, and digital infrastructure. The State's action plan focuses on six major areas: building a secure and regulation-compliant data ecosystem; expanding GPU and cloud-based digital infrastructure, including setting up AI factories in Tier-2 and Tier-3 cities; training 2.5 lakh individuals—students, MSMEs, and government officials—in AI, machine learning, and related technologies; promoting research and partnerships between academia and industry for building practical government-use AI models; supporting DeepTech startups with incubation, mentorship, and funding; and ensuring safe and responsible AI through audit systems, guidelines, and risk protocols. Implementation will be carried out in phases, starting with the creation of a State-level AI data repository, setting up AI development facilities, and launching pilot projects in selected departments. To oversee the entire effort, the Government will establish a dedicated AI and Deep Tech Mission. This institutional mechanism will lead the design, planning, and monitoring of AI projects while facilitating collaboration between academic institutions, industry players, and startups. Gujarat has already taken steps to strengthen its AI foundation, including the launch of an AI Centre of Excellence at GIFT City, the organisation of AI training programmes for public officials, and the issuance of an Expression of Interest for developing Indian language-based AI models. The state has also conducted an AI Innovation Challenge to encourage practical solutions.
