
Warning: More than 1.8 billion Gmail users are facing a new, highly sophisticated form of cyber attack

Phan Van Hoa, 07:39

More than 1.8 billion Gmail users worldwide are being targeted by a new cyberattack campaign of unprecedented sophistication, prompting cybersecurity experts to issue an urgent warning.

A completely new form of cyberattack is threatening more than 1.8 billion Gmail users worldwide. Unlike traditional phishing scams, this threat exploits artificial intelligence (AI) to trick users into providing sensitive information such as passwords or personal data.

Security experts warn that this is a dangerous emerging trend, but most users remain completely unaware.

This attack targets Gemini, the AI assistant built into Gmail and many other Google services. Hackers have cleverly inserted hidden commands into the email content.


When a user invokes the “Summarize this email” feature, Gemini does not simply summarize the displayed text as expected, but instead processes the hidden commands planted in the message. As a result, the AI can generate highly convincing fake alerts that make users believe their accounts have been compromised.

Some spam emails may claim that a Gmail account has been hacked, along with a fake “tech support” phone number. Victims are tricked into calling this number, which belongs to the scammer, not Google.

The trick is extremely sophisticated: the malicious commands are hidden as white text on a white background, with a font size of 0, making them impossible for the human eye to detect.

However, AI tools like Gemini can easily read these “invisible” lines and be fooled into responding according to the attacker’s instructions. This is a new type of attack called “prompt injection” that exploits weaknesses in the way AI processes text.

The 0Din security team at Mozilla was one of the first to discover the trick, showing how Gemini can be manipulated to display fake warnings that mimic real ones, tricking users into clicking on phishing links or making calls to hackers' phone numbers.

With AI increasingly present across digital platforms, this is a reminder that AI itself can become a “victim” of fraud and, in turn, trap users who are not vigilant.

How to protect yourself from AI attacks?

In the face of a wave of AI-fueled cyberattacks like the one targeting Gemini, cybersecurity experts have made some important recommendations to help users protect themselves:

- Don't trust security alerts that appear in Gemini's summary. Google is not currently using Gemini to send official alerts regarding account security. If you see an urgent notification from an AI, treat it with suspicion first.

- Be wary of emails that are threatening or demand immediate action. In particular, avoid clicking on strange links or calling phone numbers listed in these emails, as they are likely to belong to scammers.

- Configure email applications to detect and alert on hidden content, such as white text on a white background or font size 0, a technique commonly used to hide malicious commands in AI attacks.

Photo caption: A wave of AI-based cyberattacks like the one targeting Gemini is threatening about 1.8 billion Gmail users worldwide. Photo: Internet.

- Set up filters to identify unusual behavior, including emails containing multiple urgent alerts, unknown web URLs, or strange phone numbers.

- Always verify any security notifications through official Google channels, such as your Google account security page or the Google Security app, rather than trusting AI-generated information.
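
The recommendation above to detect hidden content (white text on a white background, font size 0) can be implemented as a scan of an email's HTML body before it is handed to a summarizer. This is an added example, not code from the article or from Google; the function names and the sample message are constructed for illustration, and the heuristics cover inline styles only.

```python
import re
from html.parser import HTMLParser

WHITE = r"(?:(?:#fff(?:fff)?|white)\b|rgb\(\s*255\s*,\s*255\s*,\s*255\s*\))"
ZERO_FONT = re.compile(r"font-size\s*:\s*0(?:\.0+)?\s*(?:px|pt|em|rem|%)?\s*(?:;|!|$)", re.I)
WHITE_TEXT = re.compile(r"(?<![-\w])color\s*:\s*" + WHITE, re.I)
BACKGROUND = re.compile(r"background(?:-color)?\s*:\s*([^;]+)", re.I)
VOID_TAGS = {"br", "hr", "img", "input", "link", "meta"}  # never closed, never hold text

def hiding_reason(style):
    # Returns why an inline style hides its text from a human reader, or None.
    if ZERO_FONT.search(style):
        return "font-size:0"
    bg = BACKGROUND.search(style)
    # White text counts only when no contrasting background is set on the same element.
    if WHITE_TEXT.search(style) and (bg is None or re.search(WHITE, bg.group(1), re.I)):
        return "white-on-white"
    return None

class HiddenTextFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []     # (tag, reason) for each open element
        self.findings = []  # (reason, text) for text a reader cannot see

    def handle_starttag(self, tag, attrs):
        if tag not in VOID_TAGS:
            self.stack.append((tag, hiding_reason(dict(attrs).get("style") or "")))

    def handle_endtag(self, tag):
        for i in range(len(self.stack) - 1, -1, -1):  # pop back to the matching open tag
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        reasons = [r for _, r in self.stack if r]  # hiding is inherited by child elements
        if data.strip() and reasons:
            self.findings.append((reasons[-1], data.strip()))

def find_hidden_text(html_body):
    finder = HiddenTextFinder()
    finder.feed(html_body)
    finder.close()
    return finder.findings

# Constructed sample message; the bracketed strings stand in for injected instructions.
SAMPLE_EMAIL = """<p>Hi team, the Q3 report is attached.</p>
<span style="font-size:0; color:#ffffff">[constructed hidden instruction]</span>
<a style="color:#fff; background-color:#1a73e8">View report</a>
<div style="color: white"><b>[constructed white-on-white line]</b></div>"""
```

Any non-empty result from `find_hidden_text` is a reason to alert on the message or to strip the flagged text before an AI assistant processes it; the white link on a blue button in the sample is deliberately not flagged.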

Experts also warn that the vulnerability is not limited to Gmail. Since Gemini is integrated into Google Docs, Calendar, and third-party applications, the threat could continue to spread if Google does not patch the flaw.

The final piece of advice is to always be vigilant. If you encounter a suspicious summary from an AI, don’t hesitate to delete it immediately. In an age where AI can be exploited, users need to be more vigilant to avoid becoming a victim.
