A recent study has revealed that agentic AI browsers tools designed to autonomously handle online tasks like shopping, emailing, and booking are susceptible to both traditional and emerging cyberattacks.
Comet by Perplexity is currently the leading example, with Microsoft Edge integrating similar features via Copilot and OpenAI developing its own version, Aura. Though initially targeted at tech-savvy users, Comet is gaining traction among everyday consumers.
Security tests conducted by Guardio showed that these AI browsers lack robust defenses against phishing, prompt injection, and fake e-commerce sites. In one test, Comet was tricked into buying an Apple Watch from a counterfeit Walmart site, autofilling payment details without verifying legitimacy or seeking user approval. Another test involved a phishing email posing as Wells Fargo, which Comet treated as authentic, leading users to a fake login page. A third test used a fake CAPTCHA page with hidden commands that triggered a malicious download.
Guardio warns that these tests only hint at the broader risks. In an AI-driven landscape, attackers can exploit a single model and scale the attack across countless users. They can even train malicious AI to outsmart its targets.
Until these tools mature, experts advise against using agentic AI browsers for sensitive tasks like banking or shopping. Users should avoid sharing personal or financial data with AI agents and manually confirm critical actions to reduce risk.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
