
Volume 336, Issue 4 · IT Vendor News · KnowBe4

Report: Attackers Can Trick AI Assistants Into Displaying Phishing Messages

KnowBe4, March 26, 2026

Researchers at Permiso warn that threat actors can plant phishing messages within Copilot AI summaries. Notably, the researchers found that attackers can trick Copilot into including internal information to craft a more targeted message.

In a proof of concept, Permiso outlined the following attack:

  • An attacker sends a benign-looking email.
  • The attacker includes hidden or low-visibility 'instruction text' intended for Copilot.
  • The recipient clicks Summarize (a normal productivity workflow).
  • The Copilot summary includes an 'Action Required' section that looks like a legitimate Microsoft security notification.
  • The summary can include a clickable link presented with safe-looking anchor text.

The researchers note, 'At that point, the phishing content is no longer "just an email." It's presented as assistance generated by an AI tool that the organization may have endorsed.'
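A defender-side check for the hidden or low-visibility text in the second step above, added here as an example and not code from Permiso, KnowBe4 or Microsoft: it pulls out text in an HTML email body that is styled so a human reader would not see it, so the message can be flagged before it reaches a summarizer. The CSS patterns, the function name `hidden_text` and the sample body are assumptions, since the report excerpt does not say which styling was used.

```python
import re
from html.parser import HTMLParser

# Assumed heuristics: common inline-CSS ways to hide text from a reader.
# White text only hides on a light background, so treat a hit as a signal.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|opacity\s*:\s*0(?:\.0+)?\s*(?:;|$)"
    r"|font-size\s*:\s*[01](?:px|pt)?\s*(?:;|$)"
    r"|(?<![-\w])color\s*:\s*(?:#fff(?:fff)?|white)\b",
    re.IGNORECASE,
)
VOID_TAGS = {"br", "img", "hr", "meta", "input", "link"}  # never closed

class HiddenTextFinder(HTMLParser):
    """Collects text nested inside any element styled to be invisible."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []   # (tag, hidden?) for each open element
        self.hidden = []  # text chunks a reader would not see

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        style = dict(attrs).get("style") or ""
        inherited = bool(self.stack) and self.stack[-1][1]
        self.stack.append((tag, inherited or bool(HIDDEN_STYLE.search(style))))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerate unclosed elements.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        if self.stack and self.stack[-1][1] and data.strip():
            self.hidden.append(data.strip())

def hidden_text(html_body):
    """Return the invisible text in an HTML body, or '' if there is none."""
    finder = HiddenTextFinder()
    finder.feed(html_body)
    finder.close()
    return " ".join(finder.hidden)

# Constructed sample body, not taken from the Permiso report.
SAMPLE = ('<p>Hi, the Q3 notes are attached.</p>'
          '<div style="font-size:0px; color:#ffffff">constructed '
          '<b>instruction text</b> for the summarizer</div>')
if __name__ == "__main__":
    print("hidden:", hidden_text(SAMPLE) or "(none)")
```

A non-empty result is a reason to quarantine the message or strip the hidden spans before summarization; it does not cover text hidden through external stylesheets or images.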
