Cybercriminals are using Google Workspace’s Gemini AI tool to try to trick you in an unusual way. You receive an email that appears ordinary, and it doesn’t have any suspicious links or attachments. But if you ask Gemini to summarize it, the results seem alarming. Gemini’s summary of the email shows you urgent warnings about your password being compromised, along with a support number for you to call so that you can resolve the problem. However, this warning from Gemini is completely false.
Cybercriminals have hidden invisible text in the email. This text contains false information about your account being compromised, and it includes a fake support phone number for you to call. You can’t see this hidden text, but Gemini can, and the AI tool uses this text when creating the summary. The result looks like a real security alert from Google. If you call the number provided, your call will be answered by a cybercriminal who will try to trick you into giving them your account’s login information.
Follow these tips to avoid falling victim to this AI-powered scam:
Don’t trust urgent security alerts that show up in an AI-generated summary. Real Google security alerts won’t appear in a Gemini summary.
Never call phone numbers that appear in an email or an AI summary, especially if the request seems urgent or unexpected.
Remember that AI tools like Gemini can be manipulated. If a summary shows urgent warnings or asks you to do something that wasn’t clearly in the original email, it’s probably a scam.
A vigilant workforce is the most effective defense against these attacks. Reach out to access training and simulations that empower your team to recognize and respond to attacks like this one.
