2025-07-17T20:08:57Z

---

Imagine an invisible thief lurking in the shadows of your inbox, poised to steal your most personal secrets without you even knowing. That's exactly what's happening right now to a staggering 1.8 billion Gmail users, prompting Google to issue an urgent warning. A devious new type of cyber attack has been quietly preying on Gmail accounts, and it’s unlike anything we’ve seen before.

The culprit, it turns out, is a sophisticated exploitation of Google Gemini, the AI tool built into many of Google's services. Cybersecurity experts have discovered that hackers are sending emails riddled with hidden instructions, tricking Gemini into generating fake phishing alerts. These emails are crafted to appear urgent and seem to come from legitimate businesses, creating a perfect storm of deceit.

But how do these attacks work? It’s all about invisibility. Hackers construct emails with fonts set to zero size and text colored white, rendering them invisible to the naked eye but perfectly readable by Gemini. This stealthy approach allows them to embed malicious prompts that instruct Gemini to generate false alerts, often urging victims to contact a fake 'Google support' hotline.

Marco Figueroa, a renowned GenAI bounty manager, demonstrated just how dangerous these prompts can be. For instance, a victim might receive an alarming message claiming their account is compromised, prompting them to seek help from an illegitimate source. This tactic, known as 'indirect prompt injection,' exploits AI's inability to distinguish between legitimate questions and hidden malicious commands.

Expert recommendations are pouring in to combat this digital threat. Users are urged to configure their email clients to detect and neutralize hidden content and employ post-processing filters to screen for suspicious messages, URLs, or phone numbers. These preventive measures are crucial in fortifying defenses against such sophisticated threats.

This scam was brought to light by Mozilla's 0Din security team, whose research unveiled how hackers manipulated Gemini to display counterfeit security alerts. These fake messages are designed to trick users into believing their credentials have been stolen, fueling unnecessary panic and potentially leading to data theft.

Despite the severity of the threat, Google has yet to patch this vulnerability, leaving the door ajar for future attacks. As a reminder, Google has reiterated that it does not send security alerts through Gemini summaries, urging users to remain vigilant as hackers continue to exploit the AI's current limitations.