Researchers warn hackers are manipulating AI chatbot recommendations to redirect users to phishing and scam websites.
Cybersecurity researchers are warning that threat actors are increasingly manipulating AI chatbot recommendations to redirect users toward phishing pages, scam platforms, and malicious websites.
According to researchers, attackers are abusing search engine optimisation (SEO) techniques and content poisoning methods to influence how artificial intelligence chatbots generate recommendations and web results. The tactic allows malicious sites to appear as trusted sources when users ask AI systems for product suggestions, software downloads, or technical assistance.
Investigators said cyber-criminals create networks of fake websites packed with manipulated keywords, cloned content, and hidden prompts specifically designed to influence large language models and AI-powered assistants. Once surfaced by chatbots, users may unknowingly click links leading to malware, credential theft pages, cryptocurrency scams, or fake software installers.
Researchers warned that many users place a high degree of trust in AI-generated recommendations, making the attacks especially dangerous. Unlike traditional phishing campaigns, poisoned AI responses can appear more credible because they are presented as neutral recommendations generated by popular AI systems.
The report also highlighted concerns surrounding “LLM poisoning,” where attackers intentionally manipulate publicly available content in order to influence how artificial intelligence models interpret information or generate answers. Experts said the growing adoption of retrieval-augmented generation (RAG) systems and AI search assistants increases the attack surface for this type of manipulation.
Cybersecurity analysts noted similarities between the tactic and older black-hat SEO campaigns previously used to poison Google search results with fake antivirus software, browser updates, and malicious downloads. However, researchers warned AI chatbot ecosystems could become even more attractive to attackers because users increasingly rely on conversational AI instead of traditional search engines.
The researchers urged AI platform providers to improve filtering systems, validate recommendation sources more carefully, and strengthen protections against prompt injection and malicious content manipulation. Users were also advised to verify links independently, avoid downloading software directly from AI-generated recommendations, and rely on official vendor websites whenever possible.
Related articles
- From prisoner to millionaire: The new life of Ross Ulbricht
- Interview with Pentester Cyberjagu
- Versus Dark Web Market Admin Extradited to U.S.
Reports are sourced from official documents, law-enforcement updates, and credible investigations.
Discover additional reports, market trends, crime analysis and Harm Reduction articles on DarkDotWeb to stay informed about the latest dark web operations.
