Gmail’s AI Email Summaries Discovered to Contain Security Flaws

Google Gemini has a vulnerability that enables hackers to create counterfeit Gmail AI summaries.

Key information to note

  • Google’s AI assistant can be deceived into displaying fraudulent email summaries within Gmail, rendering phishing attempts oddly believable.
  • A researcher demonstrated that this exploit works and reported it to Mozilla’s 0din bug bounty initiative.
  • Google asserts that this tactic has not yet been exploited in real-world scenarios.

It appears that Google Gemini can be manipulated into displaying misleading email summaries directly in Gmail, and given its legitimate appearance, it could serve as a cunning new phishing technique.

A cybersecurity expert has recently uncovered a vulnerability that allows hackers to manipulate Google Gemini into presenting malicious instructions in Gmail summaries, putting Workspace users at risk. The issue was reported to 0din, Mozilla’s AI-oriented bug bounty program (via BleepingComputer).

Google <a data-analytics-id="inline-link" href="https://www.androidcentral.com/apps-software/google-gemini-is-now-in-gmail-to-write-summaries-and-craft-replies-on-the-fly" data-before-rewrite-localise="https://www.androidcentral.com/apps