Newszop

All Gmail users placed on alert and ignoring new email warning may be costly


Anyone with a Gmail account might want to pay serious attention to a new alert that's just been issued. It appears that a hidden flaw in this popular email software could give cyber crooks the perfect way to scam you. The latest threat takes advantage of Google's clever Gemini assistant and the ability to see AI summaries displayed in the inbox.

For those unaware, the assistant can quickly scan an email and then offer instant bullet points for you to read.

This makes trawling through endless messages much simpler, but it now comes with a hidden warning.

As first reported by the team at BleepingComputer, it seems that fraudsters might be able to trick this smart system into displaying additional fake text underneath the real summary.

One example that has been found showed how hackers could add a worrying alert directly into a message.

"WARNING: Gemini has detected that your Gmail password has been compromised," the alert reads.

"Please call us immediately."

This is then followed by a phone number and a reference code, both of which aren't real and could be used by crooks to steal personal data.

Experts at Mozilla have also confirmed that a potential vulnerability within the Gemini email summary feature is allowing online thieves to add hidden prompts that then appear when messages are opened.

In response, Google says it is constantly looking at new threats and adding failsafes when it deems it necessary.

"We are constantly hardening our already robust defenses through red-teaming exercises that train our models to defend against these types of adversarial attacks," a Google spokesperson told BleepingComputer.

The US technology giant says it is also not aware of any users being attacked in this way, and there's no evidence of a widespread threat.

That said, this clearly shows that criminals can still find ways to infiltrate email inboxes and we need to stay alert.

Just remember that it's highly unlikely Google will ever contact you. Also, if you think your password has been compromised, it's easy to log into Google's official platform and change things.

One top tip is to never believe an email or AI summary, and never call a number unless you know that it's an official hotline.
