AI cybersecurity flaw: How hackers can fool AI chatbots into handing over sensitive info
Publish Date: 2026-06-24 01:16:00
Source Domain: www.ksl.com
SALT LAKE CITY — There has been a lot of talk about how artificial intelligence can fool us with fake voices, fake texts, fake photos and more. But a new type of cyberattack targeting AI agents has flipped the script, according to Yagub Rahimov, CEO and founder of cybersecurity firm Polygraf AI.

“It is actually people taking advantage of the known vulnerabilities,” he said of the growing threat known as prompt injection attacks.

Plain English? An attacker uses deceptive text to give an AI agent a convincing instruction that basically tells it to ignore the rules and do what the attacker asks. Because AI isn’t always able to separate legitimate instructions from deceptive instructions, it might respond to the attacker’s request.

That matters when companies use AI chatbots for sensitive jobs like account recovery, identity verification and customer support. Rahimov said AI agents are now like new employees, with access, but not always enough judgment.

“It has a broad knowledge and understanding and guidance of ‘Go do your job this way,’ but doesn’t understand what it cannot really do,” he said.

So, what can you do?

First: Turn on multi-factor authentication so you’ll get a ping on your phone if someone is trying to get in. Second: Make sure your email and phone number are current so that it’s you and not the bad guy who is actually getting those alerts. And third: Limit what apps and services you connect.

Rahimov said don’t be scared. Be secured.

“If you were scared, we would have never come out of the caves,” he said.

This is not an obscure “what if” story. This month, there was a high-profile example of bad guys getting into Instagram accounts by convincing an AI bot to let them in.

So be proactive. The best time to tighten up your cybersecurity is now, before the bad guy gets in.
The Key Takeaways for this article were generated with the assistance of large language models and reviewed by our editorial team. The article, itself, is solely human-written.