Google Alerts 1.8 Billion Gmail Users About New Password Scam

In an urgent warning issued on July 18, 2025, Google has alerted approximately 1.8 billion Gmail users about a sophisticated password-stealing scam that employs the company's AI tool, Gemini, to deceive users into divulging personal information. This alarming security breach has raised significant concerns among cybersecurity experts and users alike, as it operates covertly, utilizing tactics that remain undetected by conventional security measures.

The scam involves hackers crafting emails containing concealed instructions that prompt Gemini to generate fraudulent security alerts. These alerts falsely claim that the user's account has been compromised, urging them to share sensitive information or contact fake support numbers. According to Marco Figueroa, a GenAI bounty manager, these emails are often designed to appear urgent, enhancing the likelihood that recipients will fall victim to the scam. The trick relies on hidden text, formatted in a size-zero font and colored white, rendering it invisible against the email background. This technique allows the Gemini tool to read and act upon the embedded malicious prompts without the user's awareness.

Research from Mozilla's 0Din security team has confirmed the existence of these attacks, showing how hackers manipulate Gemini by embedding secret commands within emails. The report detailed instances where victims received fraudulent alerts about stolen passwords, leading them to inadvertently expose their credentials. The method employed is referred to as 'indirect prompt injection,' a vulnerability that exploits AI systems' limitations in distinguishing between legitimate user inquiries and malicious prompts.

Experts recommend that Gmail users take immediate precautions. Security analysts, such as Dr. Emily Chen, a cybersecurity researcher at Stanford University, emphasize the importance of configuring email clients to detect and neutralize hidden content within message bodies. This proactive measure can help mitigate the risks posed by such scams. Additionally, implementing post-processing filters to scan for specific phrases or links in emails can bolster defenses against these types of phishing attempts.

The ongoing threat posed by this scam is compounded by the fact that Google has yet to issue a patch to eliminate this vulnerability. Until adequate protective measures are established, hackers will likely continue to exploit AI tools for nefarious purposes. Google has reiterated its policy, stating that it does not initiate security alerts through summaries generated by Gemini, urging users to remain vigilant and skeptical of unsolicited communications.

As the digital landscape evolves, so too do the threats facing users. This incident highlights the critical need for enhanced cybersecurity measures and user education in recognizing and responding to potential threats. With AI technology becoming increasingly integrated into everyday applications, the potential for misuse necessitates ongoing vigilance and proactive security strategies. The implications of this scam extend beyond individual users, affecting the broader trust in digital communication and the efficacy of AI security measures.