Blue41 assisted Bunq, Europe’s second-largest digital bank with over 20 million customers, in securing its AI assistant against spearphishing vulnerabilities. The security firm discovered that a single €0.01 bank transfer could exploit an indirect prompt injection flaw, potentially turning the assistant into a channel for highly credible phishing attacks, according to blue41.com.
During testing, Blue41 identified that the AI assistant, which processes transaction data and customer records, could be manipulated through untrusted inputs. The assistant uses a large language model to respond to natural-language queries by accessing backend data such as transaction records and account details. This architectural setup exposed the system to risks where attackers could embed malicious prompts via seemingly innocuous bank transfers.
The issue highlights a broader challenge for financial institutions deploying AI assistants that interact with sensitive data. As more banks integrate AI-powered features into their apps, vulnerabilities like indirect prompt injections pose significant security threats. The case underscores the need for robust safeguards in AI systems handling financial transactions, especially given the increasing reliance on AI for customer support and transaction processing.
Blue41’s findings were shared publicly to raise awareness of these risks across the financial sector. Bunq’s AI assistant now benefits from enhanced security measures addressing the identified vulnerabilities. Blue41 won the RSAC Launch Pad award, reflecting its expertise in AI security solutions, as noted on blue41.com.