AI Browsers Can Be Tricked Into Paying Fake Stores in PromptFix Attack

The PromptFix attack tricks AI browsers with fake CAPTCHAs, leading them to phishing sites and fake stores where they auto-complete purchases.

Cybersecurity experts at Guardio Labs have revealed how artificial intelligence (AI) designed to assist users online can be tricked into falling for scams, calling it a “new era of digital threats they call Scamlexity.”

The findings, shared with Hackread.com, detail a unique attack method named PromptFix. This technique uses a fake CAPTCHA, a security check meant to prove a user isn’t a robot, to hide malicious instructions. While a human might easily spot the fake check and ignore it, the AI sees it as a legitimate command to follow.

The report highlights that these AI helpers, called agentic AIs, can be deceived into giving away sensitive information or even making purchases without the user’s knowledge. Researchers demonstrated how these AI browsers, like Perplexity ...