
Google has issued a serious warning to over 1.8 billion Gmail users worldwide after reports surfaced that hackers are secretly stealing passwords by exploiting its AI chatbot, Gemini. According to a report by Sangbad Pratidin, cybercriminals are manipulating Gemini to bypass Google’s usual security filters and trick users into handing over sensitive information.
How Hackers Are Exploiting Gemini
Cybersecurity experts say hackers are tricking Gemini into summarizing emails that contain hidden malicious content. By setting the font size to zero and coloring the text white, attackers embed prompts in an email that the reader cannot see but Gemini still processes. When users ask Gemini to “summarize this email,” the summary inadvertently reveals these hidden messages, often including fake Google support phone numbers or malicious links.
These emails often appear to be urgent security alerts or business-related messages, which increases the chances of users trusting the content. Once a user follows a link or dials a fake support number, their personal data — including login credentials — may be compromised.
Safety Tips for Gmail Users
To protect yourself from this new wave of cyberattacks, follow these key precautions:
- Do not trust urgent security warnings provided by Gemini summaries without verifying them.
- Google will never ask you to change your password through an AI summary.
- Always read the full email if you feel something is suspicious, instead of relying solely on AI-generated summaries.
- Be cautious of any support phone numbers listed in emails. Google does not offer direct phone support for Gmail users.
This sophisticated form of phishing highlights the growing risks of AI manipulation in cybercrime. Stay alert, think critically before clicking, and always verify sensitive messages independently.