nixCraft 🐧

Are you using AI to summary emails with Google gmail and workspace?
Google Gemini Bug Turns Gmail Summaries into Phishing Attack: No links or attachments are required; the attack relies on crafted HTML / CSS inside the email body. Victims are urged to take urgent actions (calling a phone number, visiting a site), enabling credential theft or social engineering. That is all.

More
https://0din.ai/blog/phishing-for-gemini &

https://www.pcmag.com/news/google-gemini-bug-turns-gmail-summaries-into-phishing-attack

#ai

Jul 14 at 5:44pmWeb
Show threadReay4d ago
@nixCraft @FirewallDragons
Show threadSirWumpus 👾🍁4d ago
@nixCraft I've never switched from plain text, HTML email is vile. Email is not about being pretty, its about communication. Harder to hide using plain text. AI is a vile pox on society.
Show threadDrScriptt3d ago

@sirwumpus @nixCraft I don’t need or really want HTML.

But I do appreciate basic Wordpad like rich text. Basic foreground & background color and some basic font face & size change.

Most of the time to separate console output from text I type or maybe quotes.

Show threadSirWumpus 👾🍁3d ago
@drscriptt @nixCraft Markdown as a great text format notation readable as plain text, just wish email clients that want to show pretty email supported it. I use it in my email theses days, so ``` console/code blocks is great.
Show threadMagical Cat4d ago
@nixCraft It looks like it is time for a page like "AI is going just great", similar to @web3isgreat
Show threadKhrys4d ago
@nixCraft Oh yeah 🍿
Show threadBionick4d ago
@nixCraft How do they not sanatize their inputs? I thought at first the trick was much more sophisticated and relied on poisoning the ai itself in some way. But it's actually the oldest teick in the Book
Show threadMajid Iqbal1d ago
@bionick @nixCraft maybe they used AI to write that code. That would explain a lot
Show threadSassinake! - ⊃∪∩⪽4d ago

@nixCraft

Holy Shit!

Show threadmathieui4d ago
@nixCraft
Show threadFurbland's Very Cool Mastodon™4d ago
@nixCraft oh good, more reasons to not use AI! (as if I need any more)
Show threadMx Verda4d ago
@nixCraft also the whole "thirsty, demanding plagiarism machine" thing.
Show threadBaa4d ago
@nixCraft Couple weeks ago Outlook also had an AI-based exploit, what a surprise
Show threadNazo4d ago
@nixCraft I guess, given the nature of that particular attack, it's ultimately basically unpatchable. They could make various filters to manually block it here and there, but there will always be something like that as long as people insist on using this.