AI browsers can’t tell legitimate websites from malicious ones — here’s why that’s putting you at risk

Many people have started using AI browsers to handle online chores and automated tasks for them, and the tools are great for emails, shopping and travel planning. However, according to a new report, they cannot distinguish legitimate websites from malicious ones, and they don’t know not to interact with fake online stores and phishing emails. This could put your personal and financial information at risk.
As reported by Cybernews, the cybersecurity firm Guardio, which focuses specifically on browser security and browser ecosystems, built and tested a few particular scenarios in order to determine if AI browsers can be trusted with autonomous browsing.
Based on the findings of the company’s report, AI browsers “inherit AI’s built-in vulnerabilities – the tendency to act without full context, to trust too easily and to execute instructions without the skepticism humans naturally apply.”
Since AI models are designed to please humans, they will also bend rules to get what they need, which could lead to “significant data breaches.” In practice, this means AI browsers will click on phishing links, download malicious content and hand over sensitive data in the name of “helping” you with their assigned tasks.
Guardio’s researchers, who primarily did their testing on Perplexity’s Comet browser, gave it the task of buying an Apple Watch and prompted it to look for the device on a fake Walmart web shop they had created in only a few seconds using the Lovable coding app. Although the fake web shop had plenty of obvious signs that it wasn’t legitimate, the browser didn’t pick up on them. It added the Apple Watch to the cart, autofilled personal and financial information and finished the transaction within moments without asking for any confirmation.
The test was run multiple times; sometimes Comet refused to complete the purchase, sometimes it asked to finish the transaction manually. In most cases though, it handed over all the necessary details without issue to the malicious web store.
Additionally, Guardio’s researchers tested Perplexity’s Comet browser against phishing emails by sending fake emails from a “Wells Fargo investment manager” that contained malicious links in the body of the email. The AI browser marked them as a to-do item and clicked on them, which prompted it to enter user credentials. The browser did as requested, filling in a form that was intended to steal sensitive user information.
The researchers noted that when AI is left as the single point of decision, security essentially becomes a coin toss, as AI browsers are designed with user experience as their focus, not security.
For now, it’s probably best to avoid letting your fancy new AI browser handle sensitive tasks for you. Instead, you should tackle them yourself, at least until the companies behind these new AI-powered browsers figure out how to secure them properly.