Google, which has 1.8 billion Gmail users worldwide, recently issued a serious warning about a new cybersecurity threat linked to artificial intelligence advancements, as reported by Men’s Journal.
New Threat: Indirect Prompt Injections
This threat, known as “indirect prompt injections,” is not only affecting individuals but also businesses and governments. In a detailed blog post, Google explained, “With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prompt injections.”
Hackers are using this method to embed malicious instructions within emails, documents, or calendar invites. These hidden commands can lead the AI to leak user data or execute harmful actions.
Rising Cybersecurity Concerns
Google emphasized that this threat poses risks to all users. “As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially potent attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures,” the blog added.
Hackers Exploiting Google Gemini AI
Tech expert Scott Polderman indicated that hackers are exploiting Google’s AI assistant, Gemini, to steal user information. Email communications with hidden commands can trick Gemini into revealing passwords without users’ knowledge, according to a report by The Mirror.
This warning is especially timely, as more individuals turn to AI for personal advice, including dating. Scott remarked that this new scam contrasts with previous ones because it is “AI against AI,” potentially leading to further sophisticated attacks.
He noted that there’s no link to click for these scams; the danger arises when Gemini itself delivers warnings, misleading users into revealing sensitive information.
Keeping Users Safe
Scott also pointed out that Google has assured users it will never ask for login details or send fraud alerts through Gemini. Users are encouraged to remain vigilant and protective of their personal information.
