Everyone with a Gmail account issued 'red alert' over new AI scam
Tech experts have explained how a new sophisticated scam using artificial intelligence is targeting 1.8billion Gmail accounts using Google's own AI model, Gemini
Google has issued a "red alert" to anyone who holds one of its 1.8billion accouns over a new artificial intelligence scam reportedly being used by cyber criminals. Tech expert Scott Polderman explained the data-stealing scam involves another Google product, Gemini, an AI assistant known as a chatbot.
"So hackers have figured out a way to use Gemini - Google's own AI - against itself," he clarified. "Essentially, hackers are sending an email with a hidden message to Gemini to reveal your passwords without you even realising." Scott highlighted that this scam is unique from previous ones as it is "AI against AI" and could set a precedent for future attacks in the same vein.
He elaborated: "These hidden instructions are getting AI to work against itself and have you reveal your login and password information."
Scott continued, explaining why so many users are falling victim to the problem. "There is no link that you have to click [to activate the scam]," he said. "It's Gemini popping up and letting you know you are at risk."
He also advised that Google has previously stated it will "never ask" for your login information or "never alert" you of fraud through Gemini.
Another tech expert, Marco Figueroa, added that send emails including prompts that Gemini can pick up on, with the font size set to zero and the text colour to white so users don't spot it.
One TikTok user responded with further advice to help guard against the scam. "To disable Google Gemini's features within your Gmail account, you need to adjust your Google Workspace settings," they penned.
"This involves turning off 'SMART FEATURES' and potentially disabling the Gemini app and its integration within other Google products."
Another shared: "I never use Gemini, still I might change my password just in case."
A third individual declared: "I'm sick of all of this already. I'm going back to pen and paper!".
And in a similar vein, a fourth added: "I quit using Gmail a long time ago! Thank you for the alert! I'll go check my old accounts."
Google cautioned in its security blog last month: "With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections.
"Unlike direct prompt injections, where an attacker directly inputs malicious commands into a prompt, indirect prompt injections involve hidden malicious instructions within external data sources. These may include emails, documents, or calendar invites that instruct AI to exfiltrate user data or execute other rogue actions.
"As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially potent attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures."
Nevertheless, the tech giant sought to provide reassurance to users, stating: "Google has taken a layered security approach introducing security measures designed for each stage of the prompt lifecycle. From Gemini 2.5 model hardening, to purpose-built machine learning (ML) models detecting malicious instructions, to system-level safeguards, we are meaningfully elevating the difficulty, expense, and complexity faced by an attacker.
"This approach compels adversaries to resort to methods that are either more easily identified or demand greater resources."