Recent studies reveal that popular AI tools, such as GPT models and Perplexity AI, are unintentionally directing users to phishing websites. Over one-third of the URLs provided by these AI systems lead to domains not controlled by the intended brands, raising significant security concerns. For instance, Perplexity misdirected users to a fraudulent Wells Fargo login page rather than the legitimate website. Researchers found that 34% of suggested domains were unregistered or unrelated, exposing users to potential cyber threats. Furthermore, criminals exploit these vulnerabilities by planting malicious code in AI coding resources, creating fake APIs to impersonate legitimate services. This issue particularly endangers smaller brands and regional banks due to their limited representation in AI training datasets. With major search engines embracing AI-generated content, the prevalence of these risks highlights a pressing need for enhanced safety measures against AI-driven phishing attacks. Organizations must prioritize security and education to counteract these growing threats.
Source link
Share
Read more