AI agents like OpenAI's operator and PerplexityAI's Perplexity Assistant can use computers and assist users in computer chores. Will one such AI agent fall victim to a phishing attack or a scam, against the will of the user, in 2025?
Update 2025-23-01 (PST) (AI summary of creator comment): - Falling victim to a phishing attack includes:
Providing login information
Experiencing money loss
Does not include:
Clicking on a phishing link and immediately identifying it without any adverse effect
1,000People are also trading
@Bayesian how does this count? It's not an actual case of agent being scammed, it's an artificial test to show that it's possible.
@Bayesian well the agent did get scammed. Matches the title of the market, not sure about the spirit of the market.
@SIMOROBO this is why i added
against the will of the user
To avoid counting cases where the user tries to trick the AI into getting scammed
@Bayesian Yeah the user searches for something ultra-specific. He does prove it can happen but not that it did unintentionally.
Most such scams if it happened are probably not very newsworthy for the most part. But it's reasonable to think the market required a trustable source such as from a reliable news outlet.
I would probably give traders a few days to come up with a source otherwise I'm leaning no.
(I own some yes)
@ProjectVictory hmmm would you say someone clicking on a phishing link and then immediately identifying that it's a phishing link and leaving the page, without any adverse effect, would be said to "fall victim to a phishing attack"? I lean no, open to disagreement while the market is new, and if no then that would not be enough. providing login info, or money loss, would count.
@Bayesian I would personally say no, however just clicking a link in an email can the attackers information that your email is alive and being checked leading to more spam and phishing emails. Also if there's some unpatched vulnerability in your browser it's possible the attackers can get some of your data. I'd say there should be some standard of damage for this market like account loss/financial damage but being a victim of phishing is a very blurry spectrum and it's often not immediately clear what data you accidentally revealed.
@ProjectVictory what about the resolution criterion is that some reliable news outlet puts out an article related to this scam / phishing attack that a computer-use AI agent falls for? then if they call it that, it is that, and if they don't call it that, it is not that? I am open to other ideas.