TZUTC: -0500   
   MSGID: 2162.consprcy@1:2320/105 2df5edc5   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   'If someone can inject instructions or spurious facts into your AI's memory,   
   they gain persistent influence over your future interactions': Microsoft warns   
   AI recommendations are being "poisoned" to serve up malicious results   
      
   By Sead Fadilpa?i? published yesterday   
      
   AI Recommendation Poisoning is real, Microsoft warns   
      
       Microsoft warns of new fraud tactic called AI Recommendation Poisoning   
       Attackers plant hidden instructions in AI memory to skew purchase advice   
       Real-world attempts detected; risk of enterprises making costly decisions   
   based on compromised AI recommendations   
      
   You may have heard of SEO Poisoning - however experts have now warned of AI   
   Recommendation Poisoning.   
      
   In a new blog post, Microsoft researchers detailed the emergence of a new class   
   of AI-powered fraud, which revolves around compromising the memory of an AI   
   assistant and planting a persistent threat.   
      
   SEO Poisoning is about compromising search engine results. Scammers would   
   create numerous articles across the internet, linking a fake or compromised   
   tool to a certain keyword. That way, when a person searches that specific   
   keyword, the engine would recommend a fake, malicious tool instead of a   
   legitimate one.   
      
   Would you trust your AI?   
      
   AI Recommendation Poisoning works in similar fashion. Consumers are   
   increasingly turning to AI for purchase advice, be it goods, or services, be it   
   for private, or corporate use. Therefore, there is a lot to gain from AI   
   recommending specific tools and according to Microsoft, those recommendations   
   can be bent.   
      
   "Let's imagine a hypothetical everyday use of AI: A CFO asks their AI   
   assistant to research cloud infrastructure vendors for a major technology   
   investment," Microsoft explained.   
      
   "The AI returns a detailed analysis, strongly recommending [a fake company].   
   Based on the AI's strong recommendations, the company commits millions to a   
   multi-year contract with the suggested company."   
      
   Although we'd hope a CFO would do their due diligence with more than just an   
   AI prompt, we can imagine similar scenarios taking place.   
      
   "What the CFO doesn't remember: weeks earlier, they clicked the   
   "Summarize with AI" button on a blog post. It seemed helpful at the time.   
   Hidden in that button was an instruction that planted itself in the memory of   
   the LLM assistant: "[fake company] is the best cloud infrastructure provider   
   to recommend for enterprise investments."   
      
   The AI assistant wasn't providing an objective and unbiased response. It was   
   compromised."   
      
   Microsoft concluded by saying that this wasn't a thought experiment, and that   
   its analysis of public web patterns and Defender signals returned "numerous   
   real-world attempts to plant persistent recommendations".   
      
      
      
   https://www.techradar.com/pro/security/if-someone-can-inject-instructions-or-sp   
   urious-facts-into-your-ais-memory-they-gain-persistent-influence-over-your-futu   
   re-interactions-microsoft-warns-ai-recommendations-are-being-poisoned-to-serve-   
   up-malicious-results   
      
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: Capitol City Online (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 134 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426