- Microsoft researchers observed cybercriminals adapting SEO poisoning tactics to AI platforms, tricking the AI into recommending fake sites that spoof utilities like HWMonitor and CrystalDiskInfo.
- Victims who follow these AI-suggested links download malware that is loaded through DLLs and installs ScreenConnect, which gives attackers access and can lead to cryptojacking.
- Users should treat AI recommendations with the same caution as search results, verifying links before downloading to avoid compromise.
With the advent of AI, Internet search habits among most users have changed dramatically, and as a result, the way cybercriminals deliver malware to their victims has also changed.
In the years before AI, criminals used the “SEO poisoning” technique to trick search engines into displaying malicious and fraudulent websites at the top of search engine results pages. By taking advantage of the trust users had in these engines, criminals could expect malware to be downloaded without much scrutiny.
But now, AI tools are eating up search engines’ market share, and a new report from Microsoft says threat actors have found a way to trick AI into recommending fake and malicious links.
Drop a cryptojacker
It’s an interesting finding, since most SEO experts haven’t cracked that code yet and there is no “industry standard” for getting referenced by AI.
In any case, Microsoft said it observed cybercriminals creating fraudulent websites by spoofing popular PC utilities like HWMonitor or CrystalDiskInfo. They (somehow) get the AI to mention these websites to people who ask about these tools, and if people believe the AI, they end up downloading malware.
The malware is loaded onto the device using the DLL download technique, which in turn installs ScreenConnect and gives attackers direct access to the device. The bad actors then profile the device, scan the network and, if they choose, install a cryptojacker.
The cryptojacker then mines cryptocurrency for the attackers, earning them virtual coins while the victims are left with an unusable computer and a huge electricity bill.
“This combination of AI-assisted delivery, software spoofing, and persistent access highlights how threat actors are adapting social engineering and monetization strategies to modern user behavior,” Microsoft said.
To defend against these attacks, users should do the same thing they do against SEO poisoning attacks: don’t blindly trust the responses of AI or search engines.





