Google Gemini hacked by Mozilla researchers to hide phishing prompts

Nowadays, artificial intelligence is everywhere – in your phone, your car, even your washing machine. I recently saw one with built-in AI. And although that may sound a bit exaggerated, it is impossible to deny that artificial intelligence has made life easier in many ways.
From boosting productivity to unlocking new creative tools, it is changing how we work and live. The most common version you have probably encountered? Generative AI, meaning chatbots such as ChatGPT. But however useful this technology can be, it is not without problems.
If you have used Google Workspace, you may have noticed that the company's AI model, Gemini, is integrated into apps such as Docs, Sheets and Gmail. Now researchers say that attackers can manipulate Gemini's email summaries to sneak in hidden phishing prompts.
How Gemini summaries can be hacked
Researchers from Mozilla's 0Din have discovered a vulnerability in Google's Gemini for Workspace that lets attackers inject hidden instructions into email summaries. The problem, demonstrated by Marco Figueroa, shows how generative AI tools can be misled by indirect prompt injection. This technique embeds invisible instructions in the body of an email. When Gemini summarizes the message, it interprets and acts on those hidden instructions.
The attack does not depend on suspicious links or attachments. Instead, it uses a combination of HTML and CSS to hide the prompt by setting the font size to zero and the color to white. These instructions remain invisible in Gmail's standard view, but are still accessible to Gemini. As soon as you request a summary, the AI can be misled into presenting fake security warnings or urgent instructions that seem to come from Google.
In a proof of concept, Gemini wrongly warned a user that a Gmail password had been compromised and included a fake telephone number. Since Gemini summaries are integrated into Google Workspace, you are more likely to trust the information, making this tactic particularly effective.

What is Google doing about the flaw?
Although Google has implemented defenses against prompt injection since 2024, this method seems to bypass current protections. The company told CyberGuy that it is actively deploying safeguards.
In a statement, a Google spokesperson said: “Defending against attacks that affect the industry, such as prompt injections, has been a continuous priority for us, and we have deployed numerous strong defenses to keep users safe, including safeguards to prevent harmful or misleading responses.”
Google also confirmed that it has not observed active exploitation of this specific technique.

6 ways you can stay safe from AI phishing scams
So, how can you protect yourself against phishing scams that exploit AI tools such as Gemini? Here are six essential steps that you can take now to stay safe:
1. Do not blindly trust AI-generated content
The fact that a summary appears in Gmail or Docs does not mean that it is automatically safe. Treat AI-generated suggestions, warnings or links with the same caution as an unsolicited message. Always check critical information, such as security reports or telephone numbers, via official sources.
2. Avoid using summary functions for suspicious emails
If an email seems unusual, especially if it is unexpected or from someone you don’t recognize, avoid using the AI summary function. Instead, read the full email as it was originally written. This reduces the chance of falling for misleading summaries.
3. Beware of phishing emails and messages
Watch for emails or messages that create a sense of urgency, ask you to verify account details or provide unexpected links or contact details, even if they seem reliable or come from known sources. Attackers can use AI to craft realistic-looking reports or requests for sensitive information, sometimes hidden in automatically generated summaries. So always pause and investigate suspicious instructions before you respond.
The best way to protect yourself against malicious links that install malware, which may gain access to your private information, is to install antivirus software on all your devices. This protection can also warn you about phishing emails and ransomware scams, so that your personal information and digital assets are kept secure.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com/lockupyourtech
4. Keep your apps and extensions updated
Make sure that Google Workspace and your browser always run the latest version. Google regularly releases security updates that help prevent newer types of attacks. Also avoid using unofficial extensions that have access to your Gmail or Docs.
5. Invest in a data removal service
AI-driven scams such as the Gemini summary attack do not happen in a vacuum. They often start with stolen personal information. This data may come from past breaches, public records or details that you have unknowingly shared online. A data removal service can help by continuously scanning for your information on data sites and requesting its removal. Although no service can wipe everything, reducing your digital footprint makes it more difficult for attackers to personalize phishing attempts or to link them to known breach data. Think of it as a protective layer in a world where AI makes targeted scams even easier.
View my top picks for data removal services and get a free scan to find out if your personal information is already on the internet by visiting Cyberguy.com/delete
6. Turn off AI summaries for now if you are worried
If you are worried about falling for a phishing attempt generated by AI, consider disabling Gemini summaries in Gmail until Google rolls out stronger protection. You can still read full emails in the traditional way, which can lower your risk of being misled by manipulated summaries.
How to disable Gemini features on desktop
- Open Gmail on desktop.
- Click the Settings gear icon at the top right.
- Click See all settings.
- Scroll to “Google Workspace smart features” and click Manage Workspace smart feature settings.
- Turn off the toggle for Smart features in Google Workspace.
- Then click Save.
- Note: This will switch off Gemini summaries as well as other smart features.
How to disable Gemini features on mobile
On iPhone:
If you specifically use the Gemini mobile app:
- Open the Gemini app.
- Tap your profile photo.
- Tap Gemini Apps Activity.
- At the top, tap Turn off.
On Android:
Settings can vary depending on the manufacturer of your Android phone.
- Open the Gmail app on your Android.
- Tap the menu icon (three horizontal lines) in the top-left corner.
- Scroll down and tap Settings.
- Select the relevant email account.
- Scroll down and tap Google Workspace smart features and uncheck the box to disable them.
Important caveats to know:
- Disabling smart features can remove other useful functionality, such as predictive text and automatic appointment detection.
- The Gemini icon or summary buttons can still appear even after switching off these features. Some users report that they have to manually hide them via browser tools.
There is no single centralized “off switch” to fully remove all Gemini AI references everywhere, but these steps significantly reduce the presence and risk of the feature.
Kurt’s key takeaway
This vulnerability highlights how phishing tactics are evolving alongside AI. Instead of relying on visible red flags such as misspelled URLs or suspicious attachments, attackers now target trusted systems that help users filter and interpret messages. As AI becomes more deeply embedded in productivity tools, prompt injection could emerge as a subtle but powerful vector for social engineering, hiding malicious intent in the tools that are designed to simplify communication.
How comfortable are you letting AI summarize or filter your emails, and where do you draw the line? Let us know by writing to us at Cyberguy.com/contact
Copyright 2025 cyberguy.com. All rights reserved.