Indirect Prompt Injection Emerges as New Cyber Risk
Google Warns Gmail Users of Growing Generative AI Threats
Google has issued a major warning to its 1.8 billion Gmail users worldwide regarding significant cyber risks. The company stated that with the rapid expansion of generative AI usage, new forms of attacks are emerging, one of the most concerning being “indirect prompt injection,” reports Men’s Journal.
According to Google’s blog, in direct prompt injection, attackers insert malicious instructions directly into the user’s prompt. In contrast, “indirect prompt injection” hides harmful commands in external sources such as emails, documents, or calendar invites. These can then trick AI systems into stealing user data or carrying out other malicious actions.
Tech expert Scott Polderman explained, “Hackers are exploiting Google’s AI assistant Gemini to extract users’ passwords.” He further warned that this exposes users to heightened risks because “hacking can occur without even clicking a link.”
Google, however, assured that new protective measures have already been implemented. These include stronger safeguards in the Gemini 2.5 model, advanced machine learning systems to detect malicious instructions, and enhanced system-level protections to make attacks significantly harder for hackers.
