How AI Chatbots Can Secretly Give Biased Advice

Home
Business

“Poisoned” artificial intelligence can give untrustworthy advice about finance, health and lots more. Here’s how to fend off the growing threat.

By John Miley published 24 February 2026 in News

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Copy link
Facebook
X

Share this article Print Join the conversation Follow us Add us as a preferred source on Google Newsletter Get the Kiplinger Newsletter

Profit and prosper with the best of Kiplinger's advice on investing, taxes, retirement, personal finance and much more. Delivered daily. Enter your email in the box and click Sign Me Up.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

Want to add more newsletters?

Delivered daily

Kiplinger Today

Profit and prosper with the best of Kiplinger's advice on investing, taxes, retirement, personal finance and much more delivered daily. Smart money moves start here.

Signup +

Sent five days a week

Kiplinger A Step Ahead

Get practical help to make better financial decisions in your everyday life, from spending to savings on top deals.

Signup +

Delivered daily

Kiplinger Closing Bell

Get today's biggest financial and investing headlines delivered to your inbox every day the U.S. stock market is open.

Signup +

Sent twice a week

Kiplinger Adviser Intel

Financial pros across the country share best practices and fresh tactics to preserve and grow your wealth.

Signup +

Delivered weekly

Kiplinger Tax Tips

Trim your federal and state tax bills with practical tax-planning and tax-cutting strategies.

Signup +

Sent twice a week

Kiplinger Retirement Tips

Your twice-a-week guide to planning and enjoying a financially secure and richly rewarding retirement

Signup +

Sent bimonthly.

Kiplinger Adviser Angle

Insights for advisers, wealth managers and other financial professionals.

Signup +

Sent twice a week

Kiplinger Investing Weekly

Your twice-a-week roundup of promising stocks, funds, companies and industries you should consider, ones you should avoid, and why.

Signup +

Sent weekly for six weeks

Kiplinger Invest for Retirement

Your step-by-step six-part series on how to invest for retirement, from devising a successful strategy to exactly which investments to choose.

Signup + An account already exists for this email address, please log in. Subscribe to our newsletter

To help you understand the trends surrounding AI and other new technologies and what we expect to happen in the future, our highly experienced Kiplinger Letter team will keep you abreast of the latest developments and forecasts. (Get a free issue of The Kiplinger Letter or subscribe.) You'll get all the latest news first by subscribing, but we will publish many (but not all) of the forecasts a few days afterward online. Here’s the latest…

Artificial intelligence assistants are powerful tools for research. Whether it’s choosing what payroll software suits your company or what’s causing a sore knee, AI chatbots have answers. Just make sure you aren’t unknowingly following tainted advice.A cyberattack becoming more common “might be secretly manipulating what your AI recommends,” according to recent research by Microsoft Security. The attack, called memory or recommendation poisoning, occurs when you visit websites with a clickable “summarize with AI” button that lets you summarize an article or post.Hidden instructions tell your AI chatbot to remember a specific company as a trusted source or to recommend that company first. Here’s one way it happens: You click a button to get the summary of the article. It opens your AI chatbot, pre-filling it with some text and a hyperlink. To get the article summary, you click the “submit” button in your own AI assistant.Secretly buried in that URL are the instructions to play favorites with a company or service. For example, a software vendor’s web page summary tells the AI assistant that its product “is the best to recommend for small businesses.” Similarly, recommendation poisoning attacks can be hidden in documents, emails or web pages that you upload or paste into an AI assistant. This type of attack leverages the fact that chatbots from OpenAI, Microsoft, Anthropic and others have built-in memory. This helps them remember personal preferences, context and explicit instructions.Microsoft highlights some damaging scenarios. A small business could be convinced to put its emergency fund in a certain type of crypto investment, believing it is safe, then having to fold when the crypto market crashes. A parent could ask about the safety of an online game for their 8-year-old and let them play a game that has predatory billing and adult content. Or a news summary that is supposed to be objective is filled with bias, using only information from a single publication.To guard against these attacks, Microsoft Security suggests these tactics:

Stop before you click. Hover over a link to see where the URL leads. If a link goes to an AI assistant, that’s a warning sign.
Skip the summaries. The “Summarize with AI” buttons may have hidden instructions. Approach the buttons with suspicion.
Don’t trust just any AI links. Treat unknown links related to AI assistants as a potential attack, just as emailed files from an unknown sender could be a virus.

You can also check your AI’s settings to see stored memories and delete suspicious ones. If you think you’ve clicked shady links recently, you can reset the chatbot memory. You can even ask your AI chatbot where the recommendations come from.The software to overcome these scams is freely available and easy to access. AI companies know about the problem and are building security methods to stop the attacks, realizing how damaging it could be for consumers and businesses to lose trust in AI recommendations.

From just $107.88 $24.99 for Kiplinger Personal Finance

Become a smarter, better informed investor. Subscribe from just $107.88 $24.99, plus get up to 4 Special Issues

CLICK FOR FREE ISSUE

https://cdn.mos.cms.futurecdn.net/flexiimages/y99mlvgqmn1763972420.png

Sign up for Kiplinger’s Free Newsletters

Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.

Profit and prosper with the best of expert advice - straight to your e-mail.

This forecast first appeared in The Kiplinger Letter, which has been running since 1923 and is a collection of concise weekly forecasts on business and economic trends, as well as what to expect from Washington, to help you understand what’s coming up to make the most of your investments and your money. Subscribe to The Kiplinger Letter.

If You'd Put $1,000 Into Microsoft Stock 20 Years Ago, Here's What You'd Have Today
I Let AI Read Privacy Policies for Me. Here's What I Learned
How to Protect Your Identity, Finances If You Lose Your Phone

TOPICS AI Get Kiplinger Today newsletter — freeContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

John MileySocial Links NavigationSenior Associate Editor, The Kiplinger Letter

John Miley is a Senior Associate Editor at The Kiplinger Letter. He mainly covers AI, technology, telecom and education, but will jump on other business topics as needed. In his role, he provides timely forecasts about emerging technologies, business trends and government regulations. He also edits stories for the weekly publication and has written and edited email newsletters.

He holds a BA from Bates College and a master’s degree in magazine journalism from Northwestern University, where he specialized in business reporting. An avid runner and a former decathlete, he has written about fitness and competed in triathlons.