Gmail users are being cautioned to remain vigilant against a new type of scam that is concealed within email messages. Reports indicate that hackers have found a way to manipulate Google’s Gemini AI service, potentially enabling them to insert fraudulent messages into users’ inboxes when the email summary feature is used.
For those unfamiliar, Google now offers Gmail users the option to view a brief summary of emails through the Gemini AI system. This feature condenses lengthy messages into bullet points for quicker comprehension.
While this enhancement is beneficial, it has exposed a hidden risk. Cybercriminals could exploit this system to display additional text within the email summaries, such as false warnings or prompts. In a recent example, a fake alert about compromised passwords was included at the end of the summary.
Security experts have verified that the Gemini email summary feature contains a potential vulnerability that allows malicious actors to insert hidden messages that appear when emails are opened.
In response to this flaw, Google has assured users that it is actively enhancing its security measures to safeguard against such attacks. The tech giant emphasized its commitment to reinforcing its defenses through rigorous training exercises to combat adversarial threats.
While no widespread threat has been detected, this incident underscores the ongoing risk of email infiltration by cybercriminals. Users are advised to exercise caution and refrain from trusting unsolicited emails or AI summaries. If there are concerns about compromised passwords, it is recommended to directly access Google’s official platform to address the issue securely.
It is crucial to remember that Google typically does not initiate contact with users, and users should be cautious about dialing any number provided in a message unless its legitimacy has been confirmed. Stay vigilant against potential email threats and remain cautious when interacting with unfamiliar messages or requests.