Latest news with #GOOGGOD
Scottish Sun
6 days ago
- Scottish Sun
Warning to all 1.8bn Gmail users over ‘hidden danger' that steals password without you noticing – what to watch out for
Hackers are manipulating Google's AI Gemini tool to fool users into handing over sensitive information GOOG GOD Warning to all 1.8bn Gmail users over 'hidden danger' that steals password without you noticing – what to watch out for Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) AN URGENT warning has been issued for over a billion Gmail users amid a "hidden danger" which is stealing passwords - and this is what you need to watch out for. The new type of attack has been flying under the radar, attacking an eye-watering 1.8 billion Gmail users without them even noticing. Sign up for Scottish Sun newsletter Sign up 2 Malicious actors are targeting 1.8 billion Gmail users through an email scam Credit: Getty Users therefore need to make sure they follow the correct instructions in order to combat the malicious activity. Thieving hackers are using Google Gemini - the company's AI built-in tool - to trick users into giving over their credentials. Cybersecurity experts have found that bad actors are sending emails with concealed instructions that cause Gemini to generate fake phishing warnings. These tricks users into sharing personal account information, or visiting malicious websites. The emails are usually constructed in a manner which makes them appear urgent - and occasionally from a business. Shady hackers will craft these emails by setting the font size to zero and the text colour to white - before inserting prompts invisible to users but picked up by Gemini. GenAI bounty manager Marco Figueroa demonstrated how such a dangerous prompt could falsely alert users that their email account has been compromised. These warnings would urge victims to call a fake "Google support" phone number provided, in order to resolve the issue. To fight these prompt injection attacks, experts have made a number of recommendations that users should act on immediately. They firstly suggested that companies configure email clients to detect and neutralise hidden content in message bodies. Google adds AI upgrade to your Gmail that writes emails for you – find it in seconds if you're eligible for freebie This should help counter hackers sending invisible text within emails. Security experts also recommended that users implement post-processing filters to scan inboxes for suspicious elements like "urgent messages", URLs, or phone numbers. This action could bolster defences against threats. The scam was brought to light after research, spearheaded by Mozilla's 0Din security team, showed proof of one of the hostile attacks last week. The report showed how hackers tricked Gemini into showing a fake security alert. It warned users their password had been stolen - but the message was fake and designed to steal their info. The trick works by hiding a secret size zero font prompt in white text that matches the email background. So when someone clicks "summarise this email" using Gemini, the tool reads the hidden message - not just the visible bit. This form of manipulation is named "indirect prompt injection", and it takes advantage of AI's inability to differentiate between a user's question and a hacker's embedded message. AI cannot tell the difference, as both messages look like text, and it will usually follow whichever comes first - even if it is malicious. As Google have failed to patch this method of scamming victims, the door is still open for hackers to exploit this technique. Sneaking in commands that the AI may follow will be an effective method of leaking sensitive data until users are properly protected against the threat. AI is also incorporated into Google Docs, Calendar, and outside apps - widening the scope of the potential risk. Google has reminded users amid this scamming crisis that it does not issue security alerts through Gemini summaries. So if a summary tells you that your password is at risk, or prompts you with a link to click - users should always treat it as suspicious and delete the email. 2 Users need to follow the steps to protect against the scam Credit: Alamy
Scottish Sun
17-06-2025
- Scottish Sun
Major warning to STOP using your Gmail password as Google VP issues security advice to 1.8billion users
We also reveal the most common passwords that can be hacked in seconds – do you use them? GOOG GOD Major warning to STOP using your Gmail password as Google VP issues security advice to 1.8billion users Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) TECH giant Google has issued an urgent security warning to 1.8 billion Gmail users. In its latest advice, the Californian company is urging users to ditch their passwords. Sign up for Scottish Sun newsletter Sign up 1 Google says it wants to move beyond passwords to a passkey-based sign-in model Credit: Getty It comes after Microsoft ditched passwords in favour of passkeys as the default option to secure its online accounts for all new users. Google's Vice President of Privacy, Safety & Security, Evan Kotsovinos, has penned a blog post that aims to "strongly encourage" the email service's 1.8 billion users to stop relying on passwords to secure their inbox. He said: "We want to move beyond passwords altogether, while keeping sign-ins as easy as possible, so we strongly encourage using modern methods like Sign in with Google and passkeys, which can be stored in and synced across your devices with Google Password Manager. "Passkeys are phishing-resistant and can log you in simply with the method you use to unlock your device (like your fingerprint or face ID) — no password required. "And when you pair the ease and safety of passkeys with your Google Account, you can then use Sign in with Google to log in to your favorite websites and apps — limiting the number of accounts you have to maintain." Microsoft stated it blocked 7,000 attacks on passwords per second — almost double from a year ago. At the same time, Microsft engineers witnessed so-called "adversary-in-the-middle" phishing attacks increase by 146% year over year. In May 2024, Microsoft announced users could sign in to their favourite consumer apps and services, such as Xbox, Microsoft 365, or Microsoft Copilot, using a passkey Researchers have now published a definitive list of the common passwords in 2025. Avoid all of the most common passwords in 2025, experts caution If you rely on any of the passwords included in our box below — change it immediately. Without strong protection, hackers could break into your online account in a matter of seconds. Here is a handy guide to some of the major issues facing the tech giants and what can be done: Researchers analysed 15 billon passwords published in data breaches. These were used to compile the most common passwords of 2025 - see below. Security experts warn every password in the list can be hacked in seconds. Weak passwords cause 30% of ransomware infections worldwide. Passkeys, password managers, and two-factor authentication boost security too. Despite years of warnings, millions of users still rely on lacklustre passwords to keep accounts safe. From saving accounts to email inboxes, social media posts to photo libraries, there's plenty private data that could be accessed if someone gets their hands on a password. Despite a steady stream of news stories about high-profile data breaches and hacks, the common passwords in 2025 can still be cracked in under a second, leaving personal information vulnerable to cybercriminals. It comes as new research found that over 40 million Britons use the same password across multiple accounts.
Scottish Sun
23-04-2025
- Scottish Sun
Google to blur photos if it spots nudity – and it's being switched on for millions of phone owners by default
Find out how to switch it on with your phone below GOOG GOD! Google to blur photos if it spots nudity – and it's being switched on for millions of phone owners by default Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) GOOGLE is rolling out a new messaging tool to detect unwanted nude photos and block them from view. The tech giant first revealed the enhanced safety feature last year but it's finally started to appear on phones this month. Sign up for Scottish Sun newsletter Sign up 1 New feature is rolling out to phones using Android 9 and later Credit: Getty It will work within the Google Messages app on selected Android smartphones. When active, the so-called "Sensitive Content Warnings" will detect and blur images suspected of showing nudity. A "speed bump" notification will appear, giving you the option to reveal the image. There will also be links to information on help-finding resources. Meanwhile, those sending or forwarding suspected nudes will be reminded about the risks - as well as a warning about accidental shares. The feature is on by default for accounts belonging to those under 18. But for everyone else you'll need to switch it on manually. The technology cleverly does all the detection work on-device, so none of your sensitive data is sent off to some Google server. "Sensitive Content Warnings doesn't allow Google access to the contents of your images, nor does Google know that nudity may have been detected," the firm explains. But Google warns that the tool "isn't perfect". Google reveals surprise Android upgrade including AI that answers phone for you "It may occasionally detect images that don't contain nudity or not detect images that contain nudity," a help page reads. The system is rolling out to Android smartphones running on version 9 or later.
