Gemini AI's email hack could phish you—don't use it

Google's Gemini AI, the tool that summarizes your Gmail emails, has a security flaw putting up to two billion users at risk.
Hackers can sneak hidden commands into emails using invisible text, and when Gemini summarizes these messages, it accidentally creates fake alerts saying your account's been compromised.

How the attack works

These sneaky commands tell Gemini to make legit-looking warnings that urge you to call scam numbers or visit phishing sites.
Since these alerts come from the AI summary—not obvious links or attachments—they're tough for spam filters (and people) to spot.

What you should do

Experts say it's best to avoid using Gemini's email summarizer until Google patches this issue.
If you see any weird security alerts generated by AI, double-check before taking action.
Google is working on a fix, but staying alert yourself is still super important for keeping your info safe.