- AI agents are rising in popularity—and websites are embracing them
- This means they are forced to also accommodate ‘bad bots’
- Websites must tighten security to protect themselves and users
AI comes in many forms, and dominating the tech world right now are AI agents, which are evolving rapidly, often outpacing the security measures put in place to control them – but that’s only one side of the story, as security teams not only have rogue but legitimate agents posing security risks, but also fake agents.
New research from Radware reveals that these malicious bots masquerade as real AI chatbots in agent mode, such as ChatGPT, Claude and Gemini – all ‘good bots’ that crucially require POST request permissions for any transactional function, such as booking hotels, buying tickets and completing transactions – all central to their advertised use.
Legitimate agents can interact with web page components like account dashboards, login portals and payment processes – meaning websites must now allow POST requests from AI bots to accommodate these legitimate agents.
Read only, never write
The problem here is that in the past a fundamental assumption in cyber security was that “good bots only read, never write”. This weakens the security of website owners as malicious actors can much more easily spoof legitimate agents as they need the same website permissions.
Legitimate AI agent traffic is increasing, making it even more likely that these fraudulent bots will pass undetected. The most exposed are of course the high-risk industries; finance, e-commerce, healthcare and also the ticketing/travel companies AI agents are specifically designed to use.
Chatbots all use different identification and verification methods, making it even harder for security teams to detect malicious traffic—and easier for threat actors who just want to impersonate the agent with the weakest verification standard.
Researchers recommend adopting a zero-trust policy for state-changing requests, such as implementing AI-resistant challenges like advanced CAPTCHAs. They also recommend treating all user agents as untrusted by default and applying robust DNS and IP-based checks to ensure that IP addresses match the bot’s claimed identity.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
The best protection against identity theft for all budgets
