The core of the issue is that cybercriminals can embed hidden instructions inside emails or documents. When an AI agent (for example, OpenAI’s Atlas browser) analyzes such a document, it may execute these hidden commands without the user’s knowledge. Tests have shown that in this way, artificial intelligence can submit a fake resignation letter on behalf of the user, transmit personal data to external addresses, or redirect the user to dangerous links.
The UK’s National Cyber Security Centre (NCSC) warns that such technical vulnerabilities could, in the future, lead to large-scale data breaches similar to those experienced by companies like Sony or Yahoo. Although OpenAI is testing its systems with a special AI-based “hacker” program to strengthen defenses, it is not yet possible to guarantee complete security. For this reason, experts recommend being cautious about the risks posed by hidden instructions in documents when using browsers such as ChatGPT Atlas.
