Source URL: https://it.slashdot.org/story/25/07/03/1912216/chatgpt-creates-phishers-paradise-by-recommending-the-wrong-urls-for-major-companies?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: ChatGPT Creates Phisher’s Paradise By Recommending the Wrong URLs for Major Companies
Summary: The report highlights a flaw in the accuracy of AI-powered chatbots like GPT-4.1, which could create vulnerabilities for users and pose a security risk due to misinformation. This inaccuracy presents potential opportunities for criminals to leverage AI outputs for phishing attacks.
Detailed Description: The article reveals critical insights into the shortcomings of AI chatbots, specifically regarding their ability to accurately provide website URLs for major brands. This is particularly pertinent for security professionals as it underlines the risks associated with the use of AI in sensitive domains such as finance and personal data.
- **Accuracy Flaws**: The report notes that AI chatbots provided the correct URL only 66% of the time when prompted for major companies’ websites.
- **URL Misinformation**:
  - 29% of the URLs given pointed to dead or suspended sites.
  - 5% were legitimate, but they did not correspond to the requested brands.
- **Security Risks**: Rob Duncan of Netcraft states that these inaccuracies could lead to opportunities for criminals:
  - Phishers could leverage this AI flaw to prompt users for URLs and then register similar or incorrect addresses, setting up phishing sites to deceive users.
- **Implications for Users**: While the findings might seem like merely an inconvenience to the average user, they open substantial security vulnerabilities that could be exploited by malicious actors.
- **Importance of Vigilance**: The incident emphasizes the need for users to verify website URLs independently and for organizations to educate users on potential risks associated with reliance on AI-generated information.
This analysis serves to highlight the importance of enhancing AI compliance and operational security, cautioning security professionals to prioritize accurate information dissemination and user education to mitigate phishing risks effectively.
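One way an organization could implement the independent URL verification described above, as an added example that is not from the article or from Netcraft: a chatbot-suggested URL is accepted only if its hostname falls under a domain on a maintained allowlist. The brand names, domains and the `classify` and `host_of` helpers are constructed for illustration, and the check does not test whether a domain is registered or live.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption): brand -> official domains, placeholder names.
OFFICIAL = {
    "examplebank": {"examplebank.example"},
    "exampleshop": {"exampleshop.example"},
}

def host_of(url):
    """Return the ASCII hostname a browser would connect to, or None."""
    # Browsers treat "\" like "/", urlsplit does not: refuse rather than guess.
    if "\\" in url or any(c.isspace() for c in url):
        return None
    if "://" not in url:
        url = "https://" + url          # chatbots often omit the scheme
    try:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            return None
        # .hostname drops any "user@" prefix and lowercases; IDNA exposes homoglyphs.
        return parts.hostname.rstrip(".").encode("idna").decode("ascii")
    except ValueError:                  # malformed URL or un-encodable label
        return None

def _under(host, domain):
    # Exact match or a true subdomain; a bare suffix test would accept
    # "notexamplebank.example".
    return host == domain or host.endswith("." + domain)

def classify(brand, url):
    """Return 'official', 'other-brand', 'unverified' or 'invalid'."""
    host = host_of(url)
    if host is None:
        return "invalid"
    if any(_under(host, d) for d in OFFICIAL.get(brand, ())):
        return "official"
    for other, domains in OFFICIAL.items():
        if other != brand and any(_under(host, d) for d in domains):
            return "other-brand"        # real site, wrong brand
    return "unverified"                 # not vouched for: do not link or visit
```

The `other-brand` result corresponds to the report's "legitimate, but not the requested brand" category; `unverified` covers everything the allowlist cannot vouch for, including the dead or suspended sites.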