Latest news with #MarcoFigueroa
Mint
a day ago
- Mint
Gmail users may be at risk of being scammed by cybercriminals using Gemini
A new cyber threat is making its way into Gmail inboxes, and this time it involves Gemini, Google's built-in AI assistant. Security researchers have identified a method where attackers manipulate Gemini into displaying false warnings, tricking users into giving away sensitive information. It is a clever tactic and one that highlights the growing concerns around AI misuse. At the centre of this scam is a technique known as prompt injection. Attackers are embedding invisible instructions within email messages by using white text and zero font size. These hidden messages are not visible to users but can be read by Gemini when asked to summarise the email content. When the AI reads these prompts, it reacts just as the attacker intends. For instance, Gemini might show a fake warning that your Gmail account has been compromised. It will then suggest calling a support number that connects directly to a scammer. This person may then attempt to collect your passwords, recovery codes or any other personal details. It is a sophisticated con that plays on both trust and urgency. Cybersecurity expert Marco Figueroa has raised the alarm on how easily Gemini can be influenced by these hidden prompts. The concern is not only the vulnerability of the AI but also the way people may rely on it without question. Many users trust AI-generated suggestions and may not verify the information before taking action. To protect yourself, experts recommend a few simple steps. Be cautious when using Gemini to summarise emails, especially those that appear urgent or security-related. Avoid calling any phone numbers mentioned in summaries unless verified independently. It is also wise to look out for strange formatting in emails, such as large empty spaces or odd layouts. Security professionals are also urging Google to implement stronger filters that remove hidden content before it reaches AI systems. There is an ongoing effort to improve Gemini's ability to detect and ignore these kinds of prompts. Google has acknowledged the issue and is reportedly working on improvements. According to statements, its security teams are testing Gemini against similar attacks and strengthening defences. Until then, users are advised to stay cautious. AI can be helpful, but it is not infallible. A little scepticism and manual checking can go a long way in keeping your data safe.
Economic Times
5 days ago
- Economic Times
Urgent warning for 1.8 billion Gmail users: ‘Hidden danger' steals passwords in ways even AI can't detect
Reuters A hidden danger stealing passwords prompts Google's urgent warning to over a billion Gmail users. A 'hidden danger,' which is stealing passwords, has prompted Google to issue an urgent warning for more than a billion Gmail users. The new type of attack has been flying under the radar, attacking 1.8 billion Gmail users without them even realizing it. As the danger looms over Gmail accounts, users need to make sure they follow the right instructions to combat the malicious activity. According to The Sun, hackers are tricking users into giving their credentials by using Google Gemini, the company's built-in AI tool. According to cybersecurity experts, bad actors are sending emails with concealed instructions that cause Gemini to generate fake phishing warnings. These tricks deceive users into giving away personal account information or visiting harmful websites. The emails are typically crafted to seem urgent and sometimes appear to come from a will construct these emails by setting the font size to zero and the text color to white before inserting prompts invisible to users but picked up by Gemini, The Sun bounty manager Marco Figueroa showed how a dangerous prompt could make users receive a false alert claiming their email account was compromised. These warnings would prompt victims to call a fake "Google support" phone number to resolve the issue. Experts have given multiple recommendations to users to help them fight these prompt injection attacks by acting immediately. The first suggestion asks the companies to configure email clients to detect and neutralize hidden content in message bodies. This move can help counter hackers sending invisible text within experts also advised users to use post-processing filters to scan inboxes for things like "urgent messages," URLs, or phone numbers. This step can strengthen defenses against scam came to light following research led by Mozilla's 0Din security team, which showed proof of one of the hostile attacks last week. The report explained how hackers tricked Gemini into displaying a fake security alert. It warned users their password had been stolen, but the message was fake and designed to steal their information. The trick works by hiding a secret size-zero font prompt in white text that matches the email when someone clicks "summarize this email" using Gemini, the tool reads the hidden message, not just the visible bit. This type of manipulation is called "indirect prompt injection," and it takes advantage of AI's inability to tell the difference between a user's question and a hacker's embedded can't distinguish between the two, since both simply look like text, and it will usually follow whichever appears first, even if it's malicious. Since Google has yet to patch this way of scamming victims, hackers can still exploit this technique. Sneaking in commands that the AI might follow will remain an effective way to leak sensitive data until users are properly protected from the threat. AI is also integrated into Google Docs, Calendar, and third-party apps, increasing the potential risk. Google has reminded users during this scamming crisis that it does not send security alerts through Gemini summaries.
Time of India
5 days ago
- Time of India
Urgent warning for 1.8 billion Gmail users: ‘Hidden danger' steals passwords in ways even AI can't detect
A 'hidden danger,' which is stealing passwords, has prompted Google to issue an urgent warning for more than a billion Gmail users. The new type of attack has been flying under the radar, attacking 1.8 billion Gmail users without them even realizing it. As the danger looms over Gmail accounts, users need to make sure they follow the right instructions to combat the malicious activity. According to The Sun, hackers are tricking users into giving their credentials by using Google Gemini , the company's built-in AI tool. Explore courses from Top Institutes in Select a Course Category Digital Marketing others Data Science Leadership MCA MBA Others Project Management Degree CXO Public Policy Data Science healthcare Data Analytics Management Technology Cybersecurity Healthcare Product Management Artificial Intelligence Finance Operations Management Design Thinking PGDM Skills you'll gain: Digital Marketing Strategy Search Engine Optimization (SEO) & Content Marketing Social Media Marketing & Advertising Data Analytics & Measurement Duration: 24 Weeks Indian School of Business Professional Certificate Programme in Digital Marketing Starts on Jun 26, 2024 Get Details Skills you'll gain: Digital Marketing Strategies Customer Journey Mapping Paid Advertising Campaign Management Emerging Technologies in Digital Marketing Duration: 12 Weeks Indian School of Business Digital Marketing and Analytics Starts on May 14, 2024 Get Details What do experts say According to cybersecurity experts, bad actors are sending emails with concealed instructions that cause Gemini to generate fake phishing warnings. These tricks deceive users into giving away personal account information or visiting harmful websites. The emails are typically crafted to seem urgent and sometimes appear to come from a business. Hackers will construct these emails by setting the font size to zero and the text color to white before inserting prompts invisible to users but picked up by Gemini, The Sun reported. GenAI bounty manager Marco Figueroa showed how a dangerous prompt could make users receive a false alert claiming their email account was compromised. These warnings would prompt victims to call a fake "Google support" phone number to resolve the issue. Live Events Experts have given multiple recommendations to users to help them fight these prompt injection attacks by acting immediately. The first suggestion asks the companies to configure email clients to detect and neutralize hidden content in message bodies. This move can help counter hackers sending invisible text within emails. Security experts also advised users to use post-processing filters to scan inboxes for things like "urgent messages," URLs, or phone numbers. This step can strengthen defenses against threats. How did the scam come to light The scam came to light following research led by Mozilla's 0Din security team, which showed proof of one of the hostile attacks last week. The report explained how hackers tricked Gemini into displaying a fake security alert. It warned users their password had been stolen, but the message was fake and designed to steal their information. The trick works by hiding a secret size-zero font prompt in white text that matches the email background. So when someone clicks "summarize this email" using Gemini, the tool reads the hidden message, not just the visible bit. This type of manipulation is called "indirect prompt injection," and it takes advantage of AI's inability to tell the difference between a user's question and a hacker's embedded message. AI can't distinguish between the two, since both simply look like text, and it will usually follow whichever appears first, even if it's malicious. Since Google has yet to patch this way of scamming victims, hackers can still exploit this technique. Sneaking in commands that the AI might follow will remain an effective way to leak sensitive data until users are properly protected from the threat. AI is also integrated into Google Docs, Calendar, and third-party apps, increasing the potential risk. Google has reminded users during this scamming crisis that it does not send security alerts through Gemini summaries.
&w=3840&q=100)
Business Standard
5 days ago
- Business Standard
Gmail's Gemini-powered summaries may expose users to security risks: Report
Google has been gradually integrating new AI capabilities into its mobile Gmail app. In June, it introduced a feature powered by Gemini that generates summaries of emails and lengthy threads. According to a report by The Indian Express, a recently uncovered security flaw indicates that these AI-generated summaries can be misused to display harmful instructions and embed links to malicious websites. Indian Express cites Marco Figueroa, GenAI Bug Bounty Programs Manager at Mozilla, stating that a security researcher uncovered a prompt injection flaw in Google Gemini for Workspace, which let attackers 'hide malicious instructions inside an email' that triggered when users clicked the 'Summarise this email' button in Gmail. Attack through Gemini: How does this work As per the report, hackers found a way to hide secret instructions in emails that trick Google's Gemini AI. They did this by placing hidden text at the end of the email using HTML and CSS, making the font size zero and the colour white so it could not be seen. Because these emails do not contain attachments, they can easily pass through Google's spam filters and reach users' inboxes. When someone opens the email and clicks 'Summarise this email' using Gemini, the AI follows the hidden commands without knowing they are harmful. Mozilla's Marco Figueroa explained how such prompt injections can be detected with: Gemini can be updated to ignore or remove hidden text in emails. Google can use a post-processing filter to scan Gemini's output for: Urgent messages, Phone numbers, Suspicious links. These flagged elements can then be reviewed for potential threats. Google has reportedly issued a statement to BleepingComputer, stating, 'We are constantly hardening our already robust defenses through red-teaming exercises that train our models to defend against these types of adversarial attack." The company representative clarified to BleepingComputer that some of the mitigations are in the process of being implemented or are about to be deployed. The report further states that Google has seen no evidence of incidents manipulating Gemini in the way demonstrated in Figueroa's report.
The Irish Sun
5 days ago
- The Irish Sun
Warning to all 1.8bn Gmail users over ‘hidden danger' that steals password without you noticing – what to watch out for
AN URGENT warning has been issued for over a billion Gmail users amid a "hidden danger" which is stealing passwords - and this is what you need to watch out for. The new type of attack has been flying under the radar, attacking an eye-watering 1.8 billion Gmail users without them even noticing. 2 Malicious actors are targeting 1.8 billion Gmail users through an email scam Credit: Getty Users therefore need to make sure they follow the correct instructions in order to combat the malicious activity. Thieving hackers are using Google Gemini - the company's AI built-in tool - to trick users into giving over their Cybersecurity experts have found that These tricks users into READ MORE TECH NEWS The Shady GenAI bounty manager Marco Figueroa demonstrated how such a dangerous prompt could falsely alert users that their email account has been compromised. These warnings would urge victims to call a fake "Google support" phone number provided, in order to resolve the issue. Most read in Tech To fight these prompt injection attacks, experts have made a number of recommendations that users should act on immediately. They firstly suggested that companies Google adds AI upgrade to your Gmail that writes emails for you – find it in seconds if you're eligible for freebie This should help counter hackers sending invisible text within emails. Security experts also recommended that users implement post-processing filters to scan inboxes for suspicious elements like "urgent messages", URLs, or phone numbers. This action could bolster defences against threats. The scam was brought to light after research, spearheaded by Mozilla's 0Din security team, showed proof of one of the hostile attacks last week. The report showed how hackers tricked Gemini into showing a fake security alert. It warned users their password had been stolen - but the message was fake and designed to steal their info. The trick works by hiding a secret size zero font prompt in white text that matches the email background. So when someone clicks "summarise this email" using Gemini, the tool reads the hidden message - not just the visible bit. This form of manipulation is named "indirect prompt injection", and it takes advantage of AI's inability to differentiate between a user's question and a hacker's embedded message. AI cannot tell the difference, as both messages look like text, and it will usually follow whichever comes first - even if it is malicious. As Google have failed to patch this method of scamming victims, the door is still open for hackers to exploit this technique. Sneaking in commands that the AI may follow will be an effective method of leaking sensitive data until users are properly protected against the threat. AI is also incorporated into Google Docs, Calendar, and outside apps - widening the scope of the potential risk. Google has reminded users amid this scamming crisis that it does not issue security alerts through Gemini summaries. So if a summary tells you that your password is at risk, or prompts you with a link to click - users should always treat it as suspicious and delete the email. 2 Users need to follow the steps to protect against the scam Credit: Alamy
