According to Men’s Journal, Google, which has 1.8 billion Gmail users globally, recently issued a serious warning about a new type of cybersecurity threat connected to advancements in artificial intelligence.

Google alerted everyone to a new type of cyberattack known as “indirect prompt injections.”

Google warns of a wave of new threats

Governments and corporations are also impacted by this threat, in addition to individuals. Google described the risk in a thorough blog post, saying, “As generative AI is being adopted at a rapid pace, a new wave of threats is emerging across the industry to manipulate the AI systems themselves.” Indirect prompt injections are one of these new attack methods.

This attack differs in that hackers conceal malicious instructions inside emails, documents, or calendar invites rather than directly entering harmful commands into the AI prompt. According to the post, these hidden commands have the potential to cause the AI to leak user data or carry out other negative actions.

Google warned that this threat poses a threat to everyone. “As more governments, businesses, and individuals adopt generative AI to get more done, this subtle yet potentially powerful attack becomes increasingly pertinent across the industry, demanding immediate attention and robust security measures,” the blog went on.

Hackers use Google AI Gemini to steal passwords

Scott Polderman, a tech expert, claims that hackers are using Google’s AI assistant, Gemini, to steal user data. Hackers use hidden commands in emails to force Gemini to divulge passwords without the user’s knowledge.

As more people use AI for personal tasks, such as relationship and dating advice, this warning is being issued. Scott claimed that because this scam pits “AI against AI,” it differs from previous ones and may lead to more attacks of this nature.

He clarified that by deceiving the AI into acting against itself, these hidden commands cause users to divulge their login credentials unintentionally.

Scott also noted that the scam operates without a link to click; instead, it occurs when Gemini alerts users to their danger.

He reminded everyone that Google has stated that it will never use Gemini to request login information or notify users of fraud.