A new cyber threat is making its way into Gmail inboxes, and this time it involves Gemini, Google’s built-in AI assistant. Security researchers have identified a method where attackers manipulate Gemini into displaying false warnings, tricking users into giving away sensitive information. It is a clever tactic and one that highlights the growing concerns around AI misuse.

At the centre of this scam is a technique known as prompt injection. Attackers are embedding invisible instructions within email messages by using white text and zero font size. These hidden messages are not visible to users but can be read by Gemini when asked to summarise the email content. When the AI reads these prompts, it reacts just as the attacker intends.

For instance, Gemini might show a fake warning that your Gmail account has been compromised. It will then suggest calling a support number that connects directly to a scammer. This person may then attempt to collect your passwords, recovery codes or any other personal details. It is a sophisticated con that plays on both trust and urgency.

Cybersecurity expert Marco Figueroa has raised the alarm on how easily Gemini can be influenced by these hidden prompts. The concern is not only the vulnerability of the AI but also the way people may rely on it without question. Many users trust AI-generated suggestions and may not verify the information before taking action.

What can you do to stay protected? To protect yourself, experts recommend a few simple steps. Be cautious when using Gemini to summarise emails, especially those that appear urgent or security-related. Avoid calling any phone numbers mentioned in summaries unless verified independently. It is also wise to look out for strange formatting in emails, such as large empty spaces or odd layouts.

Security professionals are also urging Google to implement stronger filters that remove hidden content before it reaches AI systems. There is an ongoing effort to improve Gemini’s ability to detect and ignore these kinds of prompts.

Google has acknowledged the issue and is reportedly working on improvements. According to statements, its security teams are testing Gemini against similar attacks and strengthening defences.