OpenClaw AI agent tricked into phishing attacks, with user data compromised
Date:
Wed, 10 Jun 2026 18:35:00 +0000
Description:
Varonis has a suggestion on how to make AI agents more careful.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Varonis Pinchy OpenClaw agent fell for identitybased phishing despite strict settings Models blocked malicious links/OAuth apps but granted sensitive access when requests felt urgent Researchers say AI agents need enforced identity verification before acting Security researchers tested an OpenClaw email agent to see if its
naive enough to fall for the same phishing scams regular employees fall for and it succeeded. Or failed, depending on how you look at it.
Cybersecurity researchers Varonis created an OpenClaw agent dubbed Pinchy,
and connected it to a Gmail inbox, browser tools, and Google Workspace APIs. They populated the account with fake internal company data, AWS credentials, database credentials, CRM exports, internal communications, and Calendar invites, and then told Pinchy to monitor and process incoming emails. To simulate real-life scenarios as credibly as possible, they created two configurations: a generic one with standard productivity instructions, and a strict mode that should be aware of phishing and other email-borne scams. Latest Videos From Watch full video here:
Varonis tested two models: Gemini 3.1 Pro, and GPT-5.4, and the results seem to be a mixed bag. Where the AI failed, and where it did good When the attacker impersonated a team lead and asked for access to the staging environment, Pinchy granted it. When the attacker requested a customer
export, claiming to work remotely on a presentation, Pinchy complied. You may like Weak safeguards leave thousands of AI agents open to attack What the OpenClaw vulnerability reveals about the future of agentic AI security Your OpenClaw agents can empty your inbox and leak your data. Here's how to secure them
However, when they sent the agent a fake gift card email with a phishing
link, it identified the page as malicious and blocked it. Also, when they tried to smuggle a malicious Google OAuth application as a timesheet platform Pinchy did the right thing and did not grant access.
Both Generic and Strict profiles failed because the verification step still collapsed when the request appeared operationally urgent, Varonis said about the first attack scenario. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features
and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
The conclusion is that AI is good at spotting shady URLs and malicious OAuth apps, but fails when it needs identity verification, or wider context.
Varonis also threw a little shade Googles way, saying Gemini showed greater willingness to interact, while GPT was more careful. The researchers said agents should be forced to verify sender identities before proceeding. The best antivirus for all budgets Our top picks, based on real-world testing and comparisons
Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/openclaw-ai-agent-tricked-into-phishing -attacks-with-user-data-compromised
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)