On June 5, 2026, news broke: attackers used Meta's AI customer support agent to steal Instagram accounts. No sophisticated exploits, no zero-days — they simply convinced a chatbot to act as a doorman. The system handed out access codes, reset passwords, bypassed MFA. All via chat, without forcing a single server.
Why it matters? Because the attack vector isn't technical: it's human. AI trusts, and bad actors know it. In Italy, where according to our estimates over 60% of SMEs use AI tools without any security policy, this is a wake-up call. We're not talking about big banks: we're talking about the clothing shop using ChatGPT to answer customers on WhatsApp, the pizzeria with an Instagram chatbot for reservations. Every AI interaction is an attack surface. And while the US rushes to 'fix it fast', Europe's regulatory pace is glacial: the AI Act is in force, but guidelines on chatbots and account takeover are still in draft.
We at Meteora Web have a clear position: AI must be governed, not just regulated.
Governed means every business chatbot — even Meta's free one — must be configured with explicit action limits. It cannot modify credentials, cannot perform critical actions without human oversight. We see it daily in the projects we salvage: companies with AI assistants connected to CRM, inventory, even payments. A salesperson asking 'transfer €500 to the supplier' to the wrong chatbot is a disaster waiting to happen. We come from accounting: we know what it means to authorize a wire transfer without dual signature. AI is no different. The difference? Nobody does it.
What to do? For developers and entrepreneurs in Italy: audit your chatbot permissions today. Disconnect any integration that allows sensitive changes (passwords, billing, user data). If using third-party APIs, verify they respect least privilege. For SMEs in Southern Italy, like those we've followed for 8 years: don't trust 'the AI does it'. Create a manual approval flow for every high-risk operation. Security is not a cost: it's an investment that avoids losing accounts, customers, and reputation. We always say: the digital divide is also geographic, but technological recklessness is democratic.
Sponsored Protocol
