Searching for an airline’s customer service number on the internet could send you flying into the clutches of scammers, researchers have warned.
Criminals have worked out how to manipulate the AI results of search engines like Google and Perplexity so that instead of delivering the official British Airways help number, they give you a scam call centre instead.
Perplexity is an AI search engine that aims to deliver “answers” to your questions rather than a selection of websites for you to browse through.
Google has also started delivering text answers to queries through its “overviews” and “AI mode” features.
These results are powered by an AI large language model (LLM) that trawls through trusted sources to give you the most likely answer to your query. Experts believe this will become the default way to search the web eventually.
However, scammers have started seeding fake call centre numbers on the web so the AI is tricked into thinking it is genuine, according to the cybersecurity company Aurascape.
Criminals have set up YouTube channels with videos claiming to help with customer support, which are packed with airline brand names and scam numbers designed to be scraped and reused by the AI.
Airlines such as British Airways and Emirates have been affected
TOLGA AKMEN/AFP VIA GETTY IMAGES
Bot-generated reviews on Yelp or video descriptions on YouTube are filled with fraudulent numbers as are airline and travel web forums.
Qi Deng, the principal threat research engineer at Aurascape, said this tactic is a “new and largely unmonitored attack surface” that “threat actors are already exploiting at scale”.
He added: “The result is a new class of fraud in which AI systems themselves become unintentional amplifiers of scam phone numbers.
“The problem is not isolated to a single model or single vendor — it is becoming systemic.”
The scammers have also hijacked government sites, university domains and even fitness sites to place scam numbers, which fools the AI into thinking they are genuine.
• How not to get scammed at Christmas: a fraud expert reveals all
Queries on Perplexity that delivered the scam numbers included “the official Emirates airline reservations number” and “how can I make a reservation with British Airways by phone, what are the steps”. The search engine gave a step-by-step guide that repeated the number and described it as a hotline for booking, upgrades and urgent travel needs.
The same pattern was repeated on Google’s AI overview feature when asking for “Emirates airlines phone number to make reservation and steps in US”. Most of the results were for US-based numbers.
Chatbots from ChatGPT and Anthropic did provide the correct answer, but revealed that they were still drawing on “poisoned” sources. The researchers note this “highlights how deeply these poisoned documents have propagated across web indices and answer engines, creating a broad, cross-platform contamination effect”.
Attackers are tricking AI-powered systems and poisoning content
AURASCAPE.AI
Scammers have long tried to “poison” search engine results, but experts from Aurascape’s Aura Labs believe this is the first real-world campaign where attackers systematically manipulate public web content to trick AI-powered systems.
• Scam losses rise on the watch of the UK’s first fraud minister
Victims who call the scam centre will be vulnerable to being tricked into handing over personal information, payments or allowing someone to access their computer remotely.
Alan Woodward, a professor of cybersecurity at the University of Surrey, said: “Sadly it’s the fundamental issue of large language models. Rubbish in, rubbish out. If you can poison content and promote that content that LLMs see as important then you’re going to be directed towards the adulterated content. It’s not the AI hallucinating but humans deliberately feeding it tainted data to get an answer that then can lead to a scam.
“It’s not easy to achieve but users trust what they are being told so it’s worth the effort. The initial examples of poisoning phone numbers … I fear are just the beginning.”
• We spent £4,300 to see Oasis — but the tickets were fake
Google, Perplexity, British Airways and Emirates were approached for comment.