Google warns its 1.8 billion Gmail users about a new cybersecurity threat called indirect prompt injections, where hackers hide malicious commands in emails.
Google warns of wave of new threats
This threat affects not just people but also businesses and governments, in a post Google explained the danger, “With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections.”
The difference with this attack is that instead of directly putting harmful commands into the AI prompt, hackers hide malicious instructions inside things like emails, documents, or calendar invites. These hidden commands can make the AI leak user data or do other bad things, the post explained.
Google warned that this threat puts everyone at risk. “As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially potent attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures,” the blog added.
Hackers use Google AI Gemini to steal passwords
Hackers send emails with hidden commands make Gemini reveal passwords without the user knowing, as reported by The Mirror report.
This warning comes as more people use AI for personal things like dating and relationship advice. Scott said this scam is different from older ones because it’s “AI against AI” and could cause more attacks like this.
He explained that these hidden commands trick the AI into working against itself, making users accidentally give away their login details.
Scott also pointed out that there’s no link to click for the scam to work, it happens when Gemini itself shows a message warning users they are at risk.
He reminded everyone that Google has said it will never ask for login details or alert users about fraud through Gemini.
