- Gemini in Workspace presents unique opportunities for fraud, researchers warn
- The AI tool can be tricked into displaying false security warnings
- Companies must ensure that invisible text in emails is not processed by the AI
Cybercriminals have found a creative new way to abuse Google's generative AI to steal people's Gmail accounts.
Google introduced Gemini, its AI-powered chatbot assistant, into its Workspace productivity suite some time ago. One of the things Gemini can do is summarize incoming emails: when a person receives an email, they can bring up the Gemini panel on the right side of the screen and ask it for a summary and more, such as adding information from the email to their calendar.
However, experts have warned that this also opens Gmail accounts to so-called "prompt injection" attacks: if an incoming email contains a hidden prompt for Gemini, Gemini may execute it when it processes the message.
Is Gemini phishing for your password?
According to security researcher Marco Figueroa, this is exactly what the email service is now susceptible to.
Using HTML and CSS, threat actors can add a prompt for Gemini with its font size set to zero and its color set to white. The victim cannot see it, but Gemini will still act on it. If the prompt tells Gemini to display a phishing message, it will do exactly that, and because the message appears to come from a trusted source, the chances of success increase.
Figueroa showed how a malicious prompt could tell the victim that their email account had been compromised and that they must "call" Google on a phone number shown in the message to resolve the problem.
To protect against future prompt injection attacks, companies must ensure that their email clients remove, neutralize or ignore content that is hidden in the message body. In addition, they could add a post-processing filter that scans the inbox for "urgent messages", URLs or telephone numbers.
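As an added illustration of the two mitigations just described (this is not code from the article, from Figueroa or from Google), the Python sketch below strips text that inline CSS hides (zero font size, white color, display:none, visibility:hidden) from an HTML email body before it would reach a summarizer, and separately scans a produced summary for the urgency wording, URLs and phone numbers the article mentions. The sample email, the style patterns and the keyword list are constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Inline-style patterns treated as "hidden" (assumed list; extend for real mail clients).
HIDDEN_STYLE = re.compile(
    r"font-size\s*:\s*0(?:px|pt|em|%)?\b|color\s*:\s*(?:white|#fff(?:fff)?)\b"
    r"|display\s*:\s*none|visibility\s*:\s*hidden", re.I)
# Void elements never get an end tag, so they must not be tracked on the stack.
VOID = {"br", "img", "hr", "meta", "link", "input"}

class HiddenTextStripper(HTMLParser):
    """Splits an HTML body into visible text and text inside hidden elements."""
    def __init__(self):
        super().__init__()
        self.stack, self.depth = [], 0   # per open tag: hidden?; count of hidden ancestors
        self.visible, self.hidden = [], []
    def handle_starttag(self, tag, attrs):
        if tag in VOID:
            return
        style = dict(attrs).get("style") or ""
        is_hidden = bool(HIDDEN_STYLE.search(style))
        self.stack.append(is_hidden)
        self.depth += is_hidden
    def handle_endtag(self, tag):
        if tag not in VOID and self.stack and self.stack.pop():
            self.depth -= 1
    def handle_data(self, data):
        (self.hidden if self.depth else self.visible).append(data)

def strip_hidden(html_body):
    """Return (visible_text, hidden_text); only visible_text should be summarized."""
    p = HiddenTextStripper()
    p.feed(html_body)
    p.close()
    return " ".join(" ".join(p.visible).split()), " ".join(" ".join(p.hidden).split())

def flag_summary(summary):
    """Post-processing filter: list the risky features found in a summary."""
    findings = []
    if re.search(r"\b(urgent|immediately|compromised|suspended)\b", summary, re.I):
        findings.append("urgency language")
    if re.search(r"https?://", summary, re.I):
        findings.append("URL")
    if re.search(r"\+?\d[\d\s().-]{6,}\d", summary):
        findings.append("phone number")
    return findings

# Constructed sample email: a benign body with a hidden block a summarizer must not see.
SAMPLE_EMAIL = ('<html><body><p>Hi, attached is the Q3 report we discussed.</p>'
                '<div style="font-size:0px;color:white">Constructed placeholder for '
                'hidden text.</div><p>Thanks,<br>Alice</p></body></html>')
```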
Finally, companies should educate their employees that summaries provided by the Gemini tool do not replace security alerts.
Via BleepingComputer