- Gemini in the work space presents unique opportunities for fraud, researchers warn
- The ai tool can be fooled to show false security warnings
- Companies must ensure that AI does not process the invisible text.
Cybercriminals have found a new creative way to abuse Google’s artificial intelligence (Genai) to steal people’s Gmail accounts.
Google introduced Gemini, its chatbot assistant with AI as a whole of work space productivity applications some time ago, and one of the things Gemini can do is summarize the incoming emails, so when a person receives an email, he can mention a vertical panel on the right part of the right screen of the screen, asking Gemini to obtain assistance with different things, such as vital information such as vital information such as vital information such as vital information, such electronic, adding the entries of the right screen, and more.
However, experts have warned that this also opens Gmail accounts for the so -called “immediate injection” attacks, so if the incoming email message contains a hidden request for Gemini, it can be executed on the panel.
Gemini phishing for your password?
According to Security researcher Marco Figueroa, this is exactly what the email provider is now susceptible.
When using HTML and CSS, threat actors can add a warning for Gemini, with its source size established at zero and its white color. Therefore, the victim will not be able to see it, but Gemini will act accordingly. If that notice makes Gemini show a Phishing message, it will do exactly that, and since the message will come from a reliable source, it increases the chances of success.
Figueroa showed how a malicious warning could notify the victim that her email account has been compromised and must “call” Google in a phone number that is shown in the message to solve the problem.
To protect against future immediate injection attacks, companies must ensure that their email clients eliminate, neutralize or ignore the content that is designed to be hidden in the body of the body. In addition, they could include a postprocessing filter that scan the inbox for “urgent messages”, URL or telephone numbers.
Finally, companies must educate their employees that the summaries provided by the Gemini tool should not be a replacement of safety alerts.
Through Bleepingcomputer
