According to MakeUseOf, the new generation of AI browsers is proving dangerously susceptible to scams that humans would easily avoid. Security firm LayerX found that OpenAI’s ChatGPT Atlas browser blocked just 5.8% of malicious web pages, meaning it interacted with over 90% of phishing pages it encountered. Similarly, Perplexity’s Comet browser stopped only 7% of attacks, while Guard.io’s “Scamlexity” study showed AI browsers falling for fake CAPTCHA screens containing invisible prompt injection attacks. These automated systems were tricked into buying products, downloading files, and entering credentials on fake login pages, often declaring dangerous pages as safe without human oversight.
Sponsored content — provided for informational and promotional purposes.
The Trust Problem Nobody Saw Coming
Here’s the thing about AI browsers: they’re designed to make decisions for you, but they’re making really bad ones. While traditional browsers like Chrome and Edge blocked around half of phishing attempts in testing, these AI agents are basically clicking everything that looks vaguely legitimate. And that’s the core problem – they don’t have the skepticism that comes from years of internet experience.
Think about it: when you see a slightly off domain name like “wellzfargo-security.com” instead of the real Wells Fargo site, your spidey senses tingle. The AI browser? It just sees a login page that matches the pattern it was trained on and proceeds without question. It’s like having an assistant who’s brilliant at following instructions but can’t tell when they’re being manipulated.
Scams Humans Can’t Even See
What makes this particularly scary is that some of these attacks are completely invisible to humans. Prompt injection attacks can hide malicious commands in places you’d never notice – embedded in PDFs, hidden in webpage code, or disguised as CAPTCHA challenges. The AI sees these instructions and follows them, while you’re left wondering why your browser just downloaded malware or made a purchase you didn’t authorize.
And here’s where it gets worse: traditional security tools like Google Safe Browsing or antivirus software weren’t built for this scenario. They’re designed to protect against known bad URLs and malware, but they can’t stop an AI from being tricked by a legitimate-looking page with hidden commands. We’re basically dealing with a whole new class of security threats that existing defenses weren’t built to handle.
The Only Solution Right Now
So what’s the answer? Basically, we need to treat AI browsers like we treat teenagers with our credit cards – they need supervision. The research makes it clear that human oversight is absolutely essential, even if it defeats the purpose of having an automated browsing experience.
Some browsers like Opera’s Neon are already building in regular pauses to ask for human input. It’s not as seamless as full automation, but those moments of human judgment could prevent your AI from falling for scams that would cost you money or compromise your accounts. Until these systems get much smarter about security, the magic of complete automation comes with risks that most users probably aren’t aware of.
The scary part? We’re just seeing the beginning of this. As LayerX’s research and Guard.io’s testing show, attackers are already developing specialized techniques to exploit these AI browsers. And when your browser has access to your accounts, cookies, and payment methods, the stakes are much higher than just clicking a bad link.
