Google's Gmail Warning—If You See This, You're Being Hacked
Google warns Gmail users to beware 'a new wave of threats' that exploit AI upgrades to attack users. This includes 'indirect prompt injections,' with 'malicious instructions [hidden]A new warning has just been issued for Gmail users, showing this threat in action, putting users at risk as Google's fast-paced AI upgrades open new attack surfaces. Just as with other deployments, it is proving alarmingly easy to trick AI into attacking users.
The warning via 0din, Mozilla's zero-day investigative network, follows a researcher 'demonstrating a prompt-injection vulnerability in Google Gemini for Workspace that allows a threat-actor to hide malicious instructions inside an email.'
If an attacker hides prompts within an email, when a user clicks 'summarize this email' using one of Gmail's recent AI uplifts, 'Gemini faithfully obeys the hidden prompt and appends a phishing warning that looks as if it came from Google itself.'
In this proof, the prompt was hidden using a white-on-white font that means the users would never see it for themselves. But Gemini sees it just fine. 'Similar indirect prompt attacks on Gemini were first reported in 2024, and Google has already published mitigations, but the technique remains viable today.'
Beware this hidden Gmail threat.
Gmail users need to ignore any Google warnings within AI summaries — it's not how Google issues user warnings. 0din advises security teams to 'train users that Gemini summaries are informational, not authoritative security alerts' and to 'auto-isolate emails containing hidden or elements with zero-width or white text.'
As I have warned before, this is a much wider threat. 'Prompt injections are the new email macros, 0din says, and this latest proof of concept 'shows that trustworthy AI summaries can be subverted with a single invisible tag.'
0din says that 'until LLMs gain robust context-isolation, every piece of third-party text your model ingests is executable code,' which means much tighter controls.
Whether it's abuse of user-facing AI tools or hijacking AI to design or even execute the attacks themselves, it's clear that the game has now changed irreversibly.
If you ever see any security warning in a Gmail email summary that purports to come from Google, you should delete the email as it actually contains hidden AI prompts that represent a threat to you, your devices and your data.
Google warns 'as more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially potent attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures.'
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Hamilton Spectator
34 minutes ago
- Hamilton Spectator
Looking to AI for a financial plan? Take it more as guidance than gospel, experts say
As Canadians increasingly turn to AI chatbots for help with everyday tasks like meal planning, workout routines and even mapping out vacation itineraries, some are also using it to help manage their money. 'It's a personal financial assistant,' said Martin Dasko, a content creator focused on personal finance. One way Dasko uses AI is to set up savings plans for upcoming vacations by giving ChatGPT a prompt about his savings target and asking for a plan on how to achieve that amount within a specific timeline. 'It'll give you a monthly plan to follow,' he said. 'It's all in one spot … You can get a table, a chart and it's easier than ever.' In the age of do-it-yourself investing and robo-advisers, AI chatbots have become another go-to for many young Canadians to set up budgets and map out financial goals. But experts say you need to have a solid sense of your finances first in order to get suitable answers. 'There is a little bit of work that the individual needs to do to be confident and accurate in the numbers that it produces,' said Sun Life financial planner Katelyn Aitcheson of AI chatbots. That means knowing the basics such as the difference between your fixed and variable expenses, recurring versus one-time expenses and even what your net worth is. Aitcheson recalled a client who recently bought a new home and turned to a generative AI chatbot to help decide whether to get life insurance or mortgage insurance for the house. 'It did give her a high-level overview of the differences between personally-owned life insurance and mortgage insurance,' Aitcheson said. But the AI response was missing the nuances. The chatbot didn't tell the client that she could buy additional insurance coverage to cover income replacement or that she could potentially reduce her coverage in a personal life insurance policy over time, Aitcheson said. Still, AI chatbots are finding a place in managing everyday money. 'For a lot of people, the ability to grab some basic information very quickly and easily, and kind of cut through the noise, I think, is very powerful,' Aitcheson said. She said the technology can offer a fairly accurate breakdown of money allocation for financial goals such as saving for retirement or paying off a student loan — or at least putting a user on the right path. Dasko said the most common prompt people can use is: 'Help me create a monthly budget with (insert) income and (insert) expenses.' AI would then offer a budget style people can choose from, he said. Then, Dasko suggested customizing the plan with prompts such as: 'Where can I cut $100 to start saving more?' or 'Help me save $10,000 in the next year,' and 'What's a realistic monthly plan, or weekly plan or quarterly plan?' But it's not always safe to ask AI questions that may contain sensitive information, Check Point's cybersecurity evangelist Jane Arnett warned. Canada doesn't yet have any legislation protecting AI users, and it's hard to know how the data is stored or used. 'Stop and think: 'Okay, with this that I'm putting in here, what would happen if I was giving this to someone who was trying to rob me right now?'' Arnett said. 'Basically, assume that anything you're putting into these systems is public information,' she said. She also cautioned that users might receive incorrect or half-baked information if the prompts aren't specific enough. 'You could end up with advice that is wrong, that is maybe for people in the United States but doesn't apply to people in Canada, maybe advice that's outdated,' she said. Arnett suggested verifying the information or financial plan spat out by the AI chatbot with a human financial adviser. 'You'll walk in knowing more and having a better and deeper conversation with your financial planner,' she said. This report by The Canadian Press was first published July 15, 2025.
Yahoo
36 minutes ago
- Yahoo
Illinois Tool Works' Dividend Growth Makes It a Strong Industrial Stock
Illinois Tool Works Inc. (NYSE:ITW) is included among the 13 Best Industrial Dividend Stocks to Buy Right Now. A factory in operation, its machinery humming as new industrial products get built. The company stands out as a strong example of setting bold objectives, meeting them, and delivering long-term value to its shareholders. Between 2012 and 2023, ITW implemented its Enterprise Strategy, which led to a rise of over 9 percentage points in operating margin, more than tripled both its earnings per share and market capitalization, and grew its dividend by 3.7 times. Illinois Tool Works Inc. (NYSE:ITW) currently offers a quarterly dividend of $1.50 per share, with a dividend yield of 2.31%, as of July 13. The company has been rewarding its shareholders with growing dividends for the past 52 years. Illinois Tool Works Inc. (NYSE:ITW) aims to reach a 30% operating margin by 2030 and deliver average annual earnings per share growth of 9% to 10%, which would allow for a 7% yearly increase in its dividend. The company also plans to turn all of its net income into free cash flow, helping to fund rising dividends, share repurchases, and ongoing investments in the business. While the strategy is ambitious, ITW's consistent improvement in operating margin over time shows that it's achievable. While we acknowledge the potential of ITW as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock. READ NEXT: and . Disclosure: None. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
The Verge
an hour ago
- The Verge
Rivian's maps get Google-fied.
Posted Jul 15, 2025 at 2:00 PM UTC Rivian's maps get Google-fied. The electric automaker is launching its new map built on top of Google Maps using the service's Automotive SDK. Rivian, which notably does not allow Apple CarPlay or Android Auto in its vehicles, says the new maps feature real-time traffic updates, tappable points of interest, and satellite imagery. And since its embedded software, it can integrate important vehicle information, like how much range will be left on arrival and whether charging stops will be needed. And don't forget Rivian's 'charging score' so you can tell whether a charging station is up to snuff.
