- A researcher recently demonstrated a Gemini flaw that could be exploited to inject malicious instructions while using Gmail’s email summary feature.
- These instructions were hidden in plain text under the body of the email.
- Google responded to the research, stating that it had updated its models to identify such prompt engineering measures and block phishing links.
Big tech companies have been billing AI as the ubiquitous tool that frees us from mundane activities, and that includes reading long emails thoroughly. But little do we hear about the possibility of AI unknowingly leading us into traps that may be used to steal our sensitive data. That’s precisely what recent research highlighted when it discussed the possibility of hackers using Gemini as means for phishing.
Recently, a cybersecurity researcher demonstrated a vulnerability targeting Google Workspace users where Gemini can be manipulated to display malicious instructions. The vulnerability was submitted to 0din, which is the Mozilla Foundation’s bug bounty program for AI applications, and talks more specifically about the ease of misguiding Gmail’s email summarization feature for Google Workspace subscribers.
