Perplexity’s AI browser is a sucker for blatant scams and prompt hijacks

The article discusses the security vulnerabilities of Perplexity's AI-powered Comet browser, which is being marketed as a revolutionary new way to browse the web. Security researchers at Guardio conducted tests that exposed the browser's susceptibility to various scams and prompt hijacks. The researchers found that Comet failed to detect a fake Walmart listing for an Apple Watch, which used a bogus URL. The browser proceeded to input the user's credit card information and complete the checkout process, falling victim to the phishing attempt. Comet also failed to identify a fake Wells Fargo banking email and allowed the user's personal information to be entered on the fake website. Additionally, the researchers discovered a prompt injection attack that could enable the AI browser to bypass CAPTCHA systems, potentially leading to a distributed attack that could hijack browsers en masse. While the Comet browser is still in its early stages, the article suggests that these types of security vulnerabilities may be inherent to agentic AI processes, as they are in any other software. The article concludes that the predictable nature of software means that these security holes are likely to persist, and once discovered, they can be rapidly distributed across the web, posing a significant risk to users who entrust their browsing experience to an AI-powered browser.