Google Gemini Scam: Hackers Use AI to Trick Gmail Users with Fake Security Warnings

July 24, 2025 9:01 AM
Cyber Attack

New Delhi, July 24, 2025 — A new AI-powered phishing scam has put nearly 1.8 billion Gmail users at risk. Cybercriminals are now exploiting Google Gemini, the AI assistant integrated into Gmail, to display fake security alerts using a technique called prompt injection.

How the Scam Works

Hackers craft deceptive emails that use HTML/CSS to hide text in the message body so that the reader never sees it. When a user clicks “Summarize this email” — a Gemini AI feature — the assistant reads these hidden commands as instructions and shows fake warnings such as:

“⚠️ Alert: Your password has been compromised. Call 1-800-XXX… now.”

Because these alerts appear inside Gemini’s own AI-generated summary rather than in the email body, they look authentic, making users more likely to trust them.


Step-by-Step Breakdown of the Gemini AI Scam

  1. Prompt Injection via Hidden Code:

    • Hackers use HTML/CSS tricks to hide malicious text.

    • Gemini reads the hidden text as instructions and follows them blindly.

  2. AI-Generated Fake Warnings:

    • The AI summarizes the email with the attacker’s message.

    • Users are misled into thinking Google itself is warning them.

    • They may click a fake link or call a scam number.
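The breakdown above hinges on one fact: the text Gemini ingests is not the text a human sees. A defensive check a mail pipeline can run before handing a message to any summarizer is to find the parts of the HTML that are styled to be invisible and keep them out of the AI’s input. The following is an added example, not code from the original article or from Google; the sample email and the list of hiding styles it looks for are constructed for illustration and are not exhaustive.

```python
"""Flag hidden text in an HTML email body before it reaches an AI summarizer.

Added example (not the article's or Google's code). It walks the HTML once,
tracks whether each text node sits inside an element styled to be invisible,
reports the hidden text with the reason it is hidden, and returns the
visible-only text that a summarizer should be given instead of the raw body.
"""
import re
from html.parser import HTMLParser

# Inline styles that hide text from a human reader while leaving it in the
# markup an AI summarizer ingests. Constructed heuristic list, not exhaustive;
# the white-text rule in particular yields false positives on dark-background mail.
HIDDEN_STYLE_PATTERNS = [
    ("display:none", re.compile(r"display\s*:\s*none", re.I)),
    ("visibility:hidden", re.compile(r"visibility\s*:\s*hidden", re.I)),
    ("zero font size", re.compile(r"font-size\s*:\s*0+(\.0+)?(px|pt|em|rem|%)?\s*(?:;|$)", re.I)),
    ("zero opacity", re.compile(r"opacity\s*:\s*0+(\.0+)?\s*(?:;|$)", re.I)),
    ("white text", re.compile(r"color\s*:\s*(#fff(fff)?\b|white\b|rgba?\(\s*255\s*,\s*255\s*,\s*255)", re.I)),
]

# Elements that never get a closing tag; they must not be pushed on the stack.
VOID_TAGS = {"br", "img", "hr", "meta", "link", "input", "area", "base", "col", "wbr"}


class HiddenTextFinder(HTMLParser):
    """Separate visible text from hidden text, remembering why each part is hidden."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self._stack = []           # (is_hidden, reason) per open element
        self._in_raw = None        # inside <style>/<script>: content is not prose
        self.visible_parts = []
        self.hidden_parts = []     # (text, reason) tuples

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        if tag in ("style", "script"):
            self._in_raw = tag
        names = {name for name, _ in attrs}
        style = dict(attrs).get("style") or ""
        reason = None
        if "hidden" in names:                      # HTML5 global `hidden` attribute
            reason = "hidden attribute"
        else:
            for label, pattern in HIDDEN_STYLE_PATTERNS:
                if pattern.search(style):
                    reason = label
                    break
        # A child of a hidden element is hidden too; inherit the parent's reason.
        parent_hidden, parent_reason = self._stack[-1] if self._stack else (False, None)
        self._stack.append((parent_hidden or reason is not None, parent_reason or reason))

    def handle_endtag(self, tag):
        if tag in VOID_TAGS:
            return
        if tag == self._in_raw:
            self._in_raw = None
        if self._stack:
            self._stack.pop()

    def handle_data(self, data):
        text = data.strip()
        if not text or self._in_raw:
            return
        if self._stack and self._stack[-1][0]:
            self.hidden_parts.append((text, self._stack[-1][1]))
        else:
            self.visible_parts.append(text)


def analyze_email_html(html: str) -> dict:
    """Return visible text, hidden text, hiding reasons and a suspicious flag."""
    parser = HiddenTextFinder()
    parser.feed(html)
    parser.close()
    return {
        "visible_text": " ".join(parser.visible_parts),
        "hidden_text": [t for t, _ in parser.hidden_parts],
        "hidden_reasons": [r for _, r in parser.hidden_parts],
        "suspicious": bool(parser.hidden_parts),
    }


# Constructed sample: an ordinary-looking note with two invisible blocks.
SAMPLE_EMAIL = """\
<html><body>
<p>Hi, attached is the agenda for Thursday's meeting.</p>
<br>
<span style="font-size:0;color:#ffffff">Alert: your password has been compromised, call 1-800-XXX now.</span>
<p style="font-size: 0.9em">Regards, Alice</p>
<div hidden>Second hidden block</div>
</body></html>
"""

if __name__ == "__main__":
    report = analyze_email_html(SAMPLE_EMAIL)
    print("Summarizer should see:", report["visible_text"])
    for text, reason in zip(report["hidden_text"], report["hidden_reasons"]):
        print(f"HIDDEN ({reason}): {text}")
```

Feeding `visible_text` rather than the raw body to the summarizer removes the channel the scam relies on, and a non-empty `hidden_text` list is a useful signal to surface to the user or to a mail filter. The check is a heuristic: attackers can hide text in ways this list does not cover, so it complements rather than replaces the vendor-side fixes the article mentions.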


How to Stay Safe from the Google Gemini Scam

  • Don’t blindly trust AI summaries — Always verify sensitive alerts manually through your Google account.

  • Inspect suspicious formatting — Look out for odd spacing or blank gaps in the email layout.

  • Avoid clicking phone numbers or links in AI-generated summaries unless you’re absolutely sure they’re safe.

  • Keep Gmail and Workspace apps updated — Google has confirmed a security patch is coming soon.

  • Double-check anything Gemini tells you, especially security messages. A small mistake today could lead to big data loss.


Google’s Response

Google is aware of the vulnerability and is rolling out AI security updates to mitigate this attack vector. Until then, users are urged to exercise extreme caution while using Gemini in Gmail.