Warning to all 1.8bn Gmail users over ‘hidden danger' that steals password without you noticing – what to watch out for
GOOG GOD Warning to all 1.8bn Gmail users over 'hidden danger' that steals password without you noticing – what to watch out for
Click to share on X/Twitter (Opens in new window)
Click to share on Facebook (Opens in new window)
AN URGENT warning has been issued for over a billion Gmail users amid a "hidden danger" which is stealing passwords - and this is what you need to watch out for.
The new type of attack has been flying under the radar, attacking an eye-watering 1.8 billion Gmail users without them even noticing.
Sign up for Scottish Sun
newsletter
Sign up
2
Malicious actors are targeting 1.8 billion Gmail users through an email scam
Credit: Getty
Users therefore need to make sure they follow the correct instructions in order to combat the malicious activity.
Thieving hackers are using Google Gemini - the company's AI built-in tool - to trick users into giving over their credentials.
Cybersecurity experts have found that bad actors are sending emails with concealed instructions that cause Gemini to generate fake phishing warnings.
These tricks users into sharing personal account information, or visiting malicious websites.
The emails are usually constructed in a manner which makes them appear urgent - and occasionally from a business.
Shady hackers will craft these emails by setting the font size to zero and the text colour to white - before inserting prompts invisible to users but picked up by Gemini.
GenAI bounty manager Marco Figueroa demonstrated how such a dangerous prompt could falsely alert users that their email account has been compromised.
These warnings would urge victims to call a fake "Google support" phone number provided, in order to resolve the issue.
To fight these prompt injection attacks, experts have made a number of recommendations that users should act on immediately.
They firstly suggested that companies configure email clients to detect and neutralise hidden content in message bodies.
Google adds AI upgrade to your Gmail that writes emails for you – find it in seconds if you're eligible for freebie
This should help counter hackers sending invisible text within emails.
Security experts also recommended that users implement post-processing filters to scan inboxes for suspicious elements like "urgent messages", URLs, or phone numbers.
This action could bolster defences against threats.
The scam was brought to light after research, spearheaded by Mozilla's 0Din security team, showed proof of one of the hostile attacks last week.
The report showed how hackers tricked Gemini into showing a fake security alert.
It warned users their password had been stolen - but the message was fake and designed to steal their info.
The trick works by hiding a secret size zero font prompt in white text that matches the email background.
So when someone clicks "summarise this email" using Gemini, the tool reads the hidden message - not just the visible bit.
This form of manipulation is named "indirect prompt injection", and it takes advantage of AI's inability to differentiate between a user's question and a hacker's embedded message.
AI cannot tell the difference, as both messages look like text, and it will usually follow whichever comes first - even if it is malicious.
As Google have failed to patch this method of scamming victims, the door is still open for hackers to exploit this technique.
Sneaking in commands that the AI may follow will be an effective method of leaking sensitive data until users are properly protected against the threat.
AI is also incorporated into Google Docs, Calendar, and outside apps - widening the scope of the potential risk.
Google has reminded users amid this scamming crisis that it does not issue security alerts through Gemini summaries.
So if a summary tells you that your password is at risk, or prompts you with a link to click - users should always treat it as suspicious and delete the email.
2
Users need to follow the steps to protect against the scam
Credit: Alamy
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
STV News
an hour ago
- STV News
Google launches AI Mode in the UK amid ‘major shift' in online search
Google has unveiled the UK rollout of a new artificial intelligence-powered tool it believes will revolutionise the traditional online search. Hailed as its most 'powerful AI search to date', the US tech giant is launching AI Mode in Google Search across the UK this week, allowing users to ask lengthy and complicated questions, as well as follow-ups. AI Mode will start to appear as a tab on the Google Search results page and in the Google app for Android and Apple smartphones from Tuesday, and will be available to all UK users over the next few days. The function was launched in the US at the end of May, followed by India earlier in July, and comes in addition to Google's AI Overview, which is now built into its searches. Hema Budaraju, Google's vice president of product management for search, told the PA news agency it heralds a 'major shift' in the way people are using online searches, with questions now becoming longer and more complex. In a blog announcing the launch, Ms Budaraju said: 'AI Mode is a new, intuitive way to address your most complex, multi-part questions and follow-ups, and satisfy your curiosity in a richer way.' She added: 'AI Mode is particularly helpful for exploratory questions and for more complicated tasks like comparing products, planning a trip or understanding complex how-tos. 'In fact, we've found that early users of AI Mode are asking questions that are two or three times the length of traditional search queries.' The tool is powered by Google's latest AI model, Gemini 2.5, and allows users to ask nuanced questions that would have previously required multiple searches. The new search works by breaking down questions into sub-topics and sending out a range of queries on the behalf of users. It will also allow so-called multimodal searches, either by text, voice or pictures. Ms Budaraju said it should make it possible for people to 'find information that was previously much harder to find'. 'This is the beginning of a major shift,' she told PA. Google said it was improving factuality, but that where AI Mode is not confident in the answer, it will instead provide a set of web search results. 'And as with any early-stage AI product, we won't always get it right, but we are committed to continuous improvement,' Ms Budaraju said. Get all the latest news from around the country Follow STV News Scan the QR code on your mobile device for all the latest news from around the country
Leader Live
2 hours ago
- Leader Live
Google launches AI Mode in the UK amid ‘major shift' in online search
Hailed as its most 'powerful AI search to date', the US tech giant is launching AI Mode in Google Search across the UK this week, allowing users to ask lengthy and complicated questions, as well as follow-ups. AI Mode will start to appear as a tab on the Google Search results page and in the Google app for Android and Apple smartphones from Tuesday, and will be available to all UK users over the next few days. The function was launched in the US at the end of May, followed by India earlier in July, and comes in addition to Google's AI Overview, which is now built into its searches. Hema Budaraju, Google's vice president of product management for search, told the PA news agency it heralds a 'major shift' in the way people are using online searches, with questions now becoming longer and more complex. In a blog announcing the launch, Ms Budaraju said: 'AI Mode is a new, intuitive way to address your most complex, multi-part questions and follow-ups, and satisfy your curiosity in a richer way.' She added: 'AI Mode is particularly helpful for exploratory questions and for more complicated tasks like comparing products, planning a trip or understanding complex how-tos. 'In fact, we've found that early users of AI Mode are asking questions that are two or three times the length of traditional search queries.' The tool is powered by Google's latest AI model, Gemini 2.5, and allows users to ask nuanced questions that would have previously required multiple searches. The new search works by breaking down questions into sub-topics and sending out a range of queries on the behalf of users. It will also allow so-called multimodal searches, either by text, voice or pictures. Ms Budaraju said it should make it possible for people to 'find information that was previously much harder to find'. 'This is the beginning of a major shift,' she told PA. Google said it was improving factuality, but that where AI Mode is not confident in the answer, it will instead provide a set of web search results. 'And as with any early-stage AI product, we won't always get it right, but we are committed to continuous improvement,' Ms Budaraju said.
South Wales Guardian
3 hours ago
- South Wales Guardian
Google launches AI Mode in the UK amid ‘major shift' in online search
Hailed as its most 'powerful AI search to date', the US tech giant is launching AI Mode in Google Search across the UK this week, allowing users to ask lengthy and complicated questions, as well as follow-ups. AI Mode will start to appear as a tab on the Google Search results page and in the Google app for Android and Apple smartphones from Tuesday, and will be available to all UK users over the next few days. The function was launched in the US at the end of May, followed by India earlier in July, and comes in addition to Google's AI Overview, which is now built into its searches. Hema Budaraju, Google's vice president of product management for search, told the PA news agency it heralds a 'major shift' in the way people are using online searches, with questions now becoming longer and more complex. In a blog announcing the launch, Ms Budaraju said: 'AI Mode is a new, intuitive way to address your most complex, multi-part questions and follow-ups, and satisfy your curiosity in a richer way.' She added: 'AI Mode is particularly helpful for exploratory questions and for more complicated tasks like comparing products, planning a trip or understanding complex how-tos. 'In fact, we've found that early users of AI Mode are asking questions that are two or three times the length of traditional search queries.' The tool is powered by Google's latest AI model, Gemini 2.5, and allows users to ask nuanced questions that would have previously required multiple searches. The new search works by breaking down questions into sub-topics and sending out a range of queries on the behalf of users. It will also allow so-called multimodal searches, either by text, voice or pictures. Ms Budaraju said it should make it possible for people to 'find information that was previously much harder to find'. 'This is the beginning of a major shift,' she told PA. Google said it was improving factuality, but that where AI Mode is not confident in the answer, it will instead provide a set of web search results. 'And as with any early-stage AI product, we won't always get it right, but we are committed to continuous improvement,' Ms Budaraju said.
