Warning to all 1.8bn Gmail users over ‘hidden danger' that steals password without you noticing – what to watch out for
GOOG GOD Warning to all 1.8bn Gmail users over 'hidden danger' that steals password without you noticing – what to watch out for
Click to share on X/Twitter (Opens in new window)
Click to share on Facebook (Opens in new window)
AN URGENT warning has been issued for over a billion Gmail users amid a "hidden danger" which is stealing passwords - and this is what you need to watch out for.
The new type of attack has been flying under the radar, attacking an eye-watering 1.8 billion Gmail users without them even noticing.
Sign up for Scottish Sun
newsletter
Sign up
2
Malicious actors are targeting 1.8 billion Gmail users through an email scam
Credit: Getty
Users therefore need to make sure they follow the correct instructions in order to combat the malicious activity.
Thieving hackers are using Google Gemini - the company's AI built-in tool - to trick users into giving over their credentials.
Cybersecurity experts have found that bad actors are sending emails with concealed instructions that cause Gemini to generate fake phishing warnings.
These tricks users into sharing personal account information, or visiting malicious websites.
The emails are usually constructed in a manner which makes them appear urgent - and occasionally from a business.
Shady hackers will craft these emails by setting the font size to zero and the text colour to white - before inserting prompts invisible to users but picked up by Gemini.
GenAI bounty manager Marco Figueroa demonstrated how such a dangerous prompt could falsely alert users that their email account has been compromised.
These warnings would urge victims to call a fake "Google support" phone number provided, in order to resolve the issue.
To fight these prompt injection attacks, experts have made a number of recommendations that users should act on immediately.
They firstly suggested that companies configure email clients to detect and neutralise hidden content in message bodies.
Google adds AI upgrade to your Gmail that writes emails for you – find it in seconds if you're eligible for freebie
This should help counter hackers sending invisible text within emails.
Security experts also recommended that users implement post-processing filters to scan inboxes for suspicious elements like "urgent messages", URLs, or phone numbers.
This action could bolster defences against threats.
The scam was brought to light after research, spearheaded by Mozilla's 0Din security team, showed proof of one of the hostile attacks last week.
The report showed how hackers tricked Gemini into showing a fake security alert.
It warned users their password had been stolen - but the message was fake and designed to steal their info.
The trick works by hiding a secret size zero font prompt in white text that matches the email background.
So when someone clicks "summarise this email" using Gemini, the tool reads the hidden message - not just the visible bit.
This form of manipulation is named "indirect prompt injection", and it takes advantage of AI's inability to differentiate between a user's question and a hacker's embedded message.
AI cannot tell the difference, as both messages look like text, and it will usually follow whichever comes first - even if it is malicious.
As Google have failed to patch this method of scamming victims, the door is still open for hackers to exploit this technique.
Sneaking in commands that the AI may follow will be an effective method of leaking sensitive data until users are properly protected against the threat.
AI is also incorporated into Google Docs, Calendar, and outside apps - widening the scope of the potential risk.
Google has reminded users amid this scamming crisis that it does not issue security alerts through Gemini summaries.
So if a summary tells you that your password is at risk, or prompts you with a link to click - users should always treat it as suspicious and delete the email.
2
Users need to follow the steps to protect against the scam
Credit: Alamy
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Rhyl Journal
4 hours ago
- Rhyl Journal
What is Google's AI Mode? How to use new tool in UK
The new artificial intelligence-powered tool is said to revolutionise the traditional online search, according to Google. AI Mode will start to appear as a tab on the Google Search results page and in the Google app for Android and Apple smartphones from Tuesday (July 29), and will be available to all UK users over the next few days. But what exactly is AI Mode and how can you use it? Let's find out. Our most powerful AI search is now rolling out in the UK 🇬🇧 AI Mode in Google Search expands on AI Overviews and allows you to go even deeper through follow-up questions and helpful links to the web. Try it today! Learn more → The function was launched in the US at the end of May, followed by India earlier in July, and comes in addition to Google's AI Overview, which is now built into its searches. Hailed as its most 'powerful AI search to date', it allows users to ask lengthy and complicated questions, as well as follow-ups. The tool is powered by Google's latest AI model, Gemini 2.5, and allows users to ask nuanced questions that would have previously required multiple searches. The new search works by breaking down questions into sub-topics and sending out a range of queries on behalf of users. It will also allow so-called multimodal searches, either by text, voice or pictures. Hema Budaraju, Google's vice president of product management for search, told the PA news agency it heralds a 'major shift' in the way people are using online searches, with questions now becoming longer and more complex. In a blog announcing the launch, Ms Budaraju said: 'AI Mode is a new, intuitive way to address your most complex, multi-part questions and follow-ups, and satisfy your curiosity in a richer way.' She added: 'AI Mode is particularly helpful for exploratory questions and for more complicated tasks like comparing products, planning a trip or understanding complex how-tos. 'In fact, we've found that early users of AI Mode are asking questions that are two or three times the length of traditional search queries.' Recommended reading: 'Stop before you tap' warning amid 'malicious' apps threat on mobile phones BT customers told to check accounts today as £18 million refunded Viral petition to repeal 'pointless' Online Safety Act reaches 340K signatures To summarise briefly, Google's AI Overviews provide AI-generated summaries above traditional search results and will offer a number of sources for readers to then click on and find out more information about a search query. Meanwhile, AI Mode offers a conversational, chat-like interface that replaces the standard results page with more in-depth breakdowns of search queries.
North Wales Chronicle
6 hours ago
- North Wales Chronicle
What is Google's AI Mode? How to use new tool in UK
The new artificial intelligence-powered tool is said to revolutionise the traditional online search, according to Google. AI Mode will start to appear as a tab on the Google Search results page and in the Google app for Android and Apple smartphones from Tuesday (July 29), and will be available to all UK users over the next few days. But what exactly is AI Mode and how can you use it? Let's find out. Our most powerful AI search is now rolling out in the UK 🇬🇧 AI Mode in Google Search expands on AI Overviews and allows you to go even deeper through follow-up questions and helpful links to the web. Try it today! Learn more → The function was launched in the US at the end of May, followed by India earlier in July, and comes in addition to Google's AI Overview, which is now built into its searches. Hailed as its most 'powerful AI search to date', it allows users to ask lengthy and complicated questions, as well as follow-ups. The tool is powered by Google's latest AI model, Gemini 2.5, and allows users to ask nuanced questions that would have previously required multiple searches. The new search works by breaking down questions into sub-topics and sending out a range of queries on behalf of users. It will also allow so-called multimodal searches, either by text, voice or pictures. Hema Budaraju, Google's vice president of product management for search, told the PA news agency it heralds a 'major shift' in the way people are using online searches, with questions now becoming longer and more complex. In a blog announcing the launch, Ms Budaraju said: 'AI Mode is a new, intuitive way to address your most complex, multi-part questions and follow-ups, and satisfy your curiosity in a richer way.' She added: 'AI Mode is particularly helpful for exploratory questions and for more complicated tasks like comparing products, planning a trip or understanding complex how-tos. 'In fact, we've found that early users of AI Mode are asking questions that are two or three times the length of traditional search queries.' Recommended reading: 'Stop before you tap' warning amid 'malicious' apps threat on mobile phones BT customers told to check accounts today as £18 million refunded Viral petition to repeal 'pointless' Online Safety Act reaches 340K signatures To summarise briefly, Google's AI Overviews provide AI-generated summaries above traditional search results and will offer a number of sources for readers to then click on and find out more information about a search query. Meanwhile, AI Mode offers a conversational, chat-like interface that replaces the standard results page with more in-depth breakdowns of search queries.
Scottish Sun
8 hours ago
- Scottish Sun
Sky TV expert reveals three little-known buttons to instantly skip ads, unlock secret ‘night mode' and lost remote trick
Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) A SKY insider has shared some of his little-known tricks to get the best out of your TV. Sky Glass and Sky Stream hide a number of handy hacks, including ways to instantly skip ads faster than ever and a secret "night mode" that may come in very useful. Sign up for Scottish Sun newsletter Sign up 2 Sky's Matt Rye reveals his top tips 2 Never lose your remote again Credit: Sky Faster ad skipping So let's start with the ads first of all. If you pay for ad skip, you can bypass any breaks but some viewers go through the long process of manually fast forwarding. "Don't fancy watching the ads?" Matt Rye, Sky's Director of Product Management told The Sun. "Upgrade to the ad skip feature for the option to skip through them all using the 'skip ads' button that pops up on screen as soon as the break begins." This button will take you straight to the show content with needing to work out when to hit stop after fast fowarding. Night Mode Night Mode is a special feature that prevents you from waking up the entire household. This can come in especially useful for loud booms during a movie. "If you're a late-night TV watcher like I am, especially when watching movies until the early hours of the morning, you might not want to disturb everyone's sleep with loud volume," Matt says. "For this, we have night mode. "An optional setting, which reduces the volume level of dramatic sounds. "Press the three dots button on your remote to bring up the menu and select." Discover new features on Sky TV that make it even easier to find favourite shows Lost your remote? Losing your remote can be a right pain, leading to endless searches around the house or down the side of the sofa. Fortunately, there's an easy way people forget to use to instantly retrieve their controller. "If you've lost your remote down the back of the sofa, or the kids have hidden it somewhere, you can ask Glass to find it for you," Matt explains. "Say 'Hello Sky, Find my remote' and the remote will start beeping until you find it and pick it up."
