A disturbing new security vulnerability has been uncovered in Google Gemini for Workspace, potentially putting countless users at risk from cybercriminals.

A Sneaky Phishing Technique Unveiled

Researchers have discovered that malicious hackers can cleverly hide dangerous commands within the content of emails. This attack takes advantage of Gemini’s email summarization feature, which processes embedded HTML and CSS instructions instead of displaying the actual email contents.

Invisible Traps: How Hackers Operate

By using invisible text techniques—like white text on a white background or setting the font size to zero—attackers can create fraudulent alerts that appear to come directly from Google. Unsuspecting users, enticed to utilize Gemini's 'Summarize this email' function, may inadvertently click on these deceptive warnings.

The Dangers of Internal Scams

Once triggered, these hidden instructions can lead users to call fraudulent phone numbers or visit phishing websites, ultimately risking their sensitive data. What's alarming is that this method bypasses traditional spam defenses—no links or attachments are needed; merely the clever use of HTML in the email body suffices.

Wider Implications Across Google Workspace

This vulnerability does not stop at Gmail; it also threatens Google Docs, Slides, and Drive. Experts are sounding the alarm over the potential for AI-powered phishing attacks and self-replicating 'AI worms' spreading through Google Workspace, which could amplify the scale of these threats.

What Can Be Done?

To combat these risks, experts recommend that businesses implement robust inbound HTML checks, employ LLM firewalls, and provide comprehensive training for users to treat AI-generated summaries with skepticism. Furthermore, there's a pressing need for Google to enhance its defenses by sanitizing incoming HTML, improving context recognition, and ensuring better visibility of any concealed prompts processed by Gemini.

A Call to Action for Security Teams

As artificial intelligence tools increasingly become part of the digital landscape, security teams must now include them within their attack surface monitoring strategies. This development is a wake-up call that cannot be ignored—users must stay vigilant to avoid falling victim to these cunning traps!