Cybercriminals are exploiting Gemini AI to scam Gmail users. The exploit tactics goes on to trick users into handing over passwords. The attack embeds invisible commands in emails, manipulating Gmail’s AI summarizer, Gemini, to generate fake security alerts and fake support phone numbers.
How the Gemini AI Scam Works
Scammers hide malicious text in emails using HTML and CSS tricks like zero-font-size and white text. These instructions are invisible to users but read by Gemini when summarizing the message. Gemini then issues a bogus alert stating that the Gmail account is compromised and prompts users to call a fake support line, leading to password theft.
Why Gmail-Gemini Scam Is Dangerous
This ploy bypasses regular phishing filters because emails contain no visible attachments or suspicious links. Users are more likely to trust Gemini’s built-in messages, making this a stealthy and effective attack.
Expert Warnings and Google’s Response
Cybersecurity experts emphasize that Gmail’s AI summaries should not be taken as official security alerts. They urge users to stay vigilant and inspect messages manually, especially if a Gemini summary asks for urgent action. The threat was exposed by Mozilla’s 0Din bounty team via researcher Marco Figueroa.
Google has acknowledged the flaw and is rolling out defenses, such as hidden-content filters and red-teaming exercises, but no broad patch is live yet.
What You Should Do Now
-
Avoid using Gemini’s Summarize Email feature for suspicious or security-related emails.
-
Inspect emails manually, especially those prompting urgent action or support calls.
-
Report phishing emails via Gmail’s built-in reporting tool.
-
Enable two-factor authentication and consider passkeys for stronger protection.
The Gemini-Gmail scam shows how attackers are exploiting AI tools to bypass protections and exploit trust in automated features. Until Google fully secures Gemini, users must stay alert to avoid falling for these stealthy phishing schemes.