Friday, January 2, 2026

2025 Highlights: Google Gemini AI Vulnerability Poses Risks for Gmail and Phishing Attacks

A newly discovered AI prompt-injection vulnerability in Google’s Gemini AI chatbot poses a significant risk to Gmail’s 2 billion users, allowing for sophisticated phishing attacks. This indirect attack, described by Marco Figueroa from Mozilla, exploits users’ trust in AI outputs, particularly the email summarization feature integrated into Gmail. Cybercriminals can hide malicious instructions within emails using techniques such as white-on-white text, which go unnoticed by users. When a recipient requests a summary, the AI-generated output can falsely warn that their Gmail credentials are compromised, complete with a fabricated support number. The effectiveness of this vulnerability stems from the AI’s inherent blind spots, as it processes hidden text as legitimate commands. Experts warn that without enhanced security measures, these prompt injections could escalate to widespread misinformation, ransomware, or social engineering scams across business workflows. As generative AI evolves, addressing such vulnerabilities remains paramount to safeguarding user data.
