A BBC investigation revealed a simple way AI chatbots are being made to spit out misinformation to the public.
BBC的一项调查揭示了一种简单方法,可以让AI聊天机器人向公众输出错误信息。
Google and other AI companies are now trying to fix the problem.
谷歌和其他人工智能公司现在正试图解决这个问题。
I did something stupid back in February.
今年 2 月,我做了一件蠢事。
I heard there was an easy way to poison AI chatbots and making them spread lies on your behalf.
我听说有一种简单的方法可以“污染”AI 聊天机器人,让它们替你传播谎言。
After some digging, I learned unscrupulous companies are abusing the problem on a massive scale.
经过一番调查,我了解到一些不道德的公司正在大规模利用这个问题。
So I decided to try it myself.
所以我决定亲自试一试。
We uncovered examples where ChatGPT, Gemini and the AI Overviews at the top of Google Search were being manipulated to dole out biased answers on topics as serious as your health and personal finances.
我们发现了一些案例:ChatGPT、Gemini以及谷歌搜索顶部的AI概览被操纵,在健康和个人财务等严肃话题上给出带有偏见的回答。
And in just 20 minutes, I tricked ChatGPT and Google into telling the public that I am a world-champion competitive hot-dog eater.
仅仅 20 分钟内,我就骗过 ChatGPT 和 Google,让它们告诉公众我是世界冠军级的竞技吃热狗选手。
The joke was dumb.
这个笑话很蠢。
The problem is serious.
问题很严重。
But the gimmick worked.
但这个噱头奏效了。
Our investigation and the work of researchers who've been monitoring this issue sparked widespread criticism.
我们的调查以及一直监测这一问题的研究人员所做的工作引发了广泛批评。
Now Google has updated its policies to address the problem, and there are signs that other AI companies are following suit.
现在,谷歌已经更新了政策来应对这个问题,而且有迹象表明其他人工智能公司也在效仿。
Ultimately, it could make AI tools and the internet as a whole a little bit safer.
最终,这可能会让AI工具以及整个互联网变得稍微安全一些。
But until there are better systems in place, experts say you're in danger of getting fooled.
但专家表示,在更完善的系统到位之前,你仍有被骗的风险。
"You should assume that you're being manipulated until they've better systems in place," says Lily Ray, founder of the search engine optimisation (SEO) and AI search consultancy Algorythmic.
搜索引擎优化(SEO)和AI搜索咨询公司 Algorythmic 的创始人莉莉·雷说:“在他们建立更完善的系统之前,你应该假定自己正在被操纵。”
"We're moving towards this 'one true answer' world.
“我们正在走向这样一个‘唯一正确答案’的世界。
Before, Google would gives you 10 blue links and you would kind of didn't your own research.
过去,Google 会给你 10 个蓝色链接,然后你基本上会自己去做研究。
But AI just gives you one answer.
但 AI 只会给你一个答案。
It becomes so easy to just take things at face value.
人们会很容易只看表面就全盘接受。
You need to be careful."
你需要谨慎。”
Google tells me that its policy update is just a "clarification" of the efforts it has been making for a while.
谷歌告诉我,它的政策更新只是对其一段时间以来一直在做的努力作出的“澄清”。
"We've long applied our core anti-spam policies and protections to our generative AI Search features – and we've always continually upgraded our spam fighting efforts to stay ahead of emerging tactics, even before the rise of AI," a Google spokesperson says.
一名 Google 发言人说:“我们长期以来一直将核心反垃圾信息政策和保护措施应用于生成式 AI 搜索功能,而且即使在 AI 兴起之前,我们也一直持续升级打击垃圾信息的工作,以领先于新出现的手法。”
Essentially, Google says it hasn't changed a thing.
本质上,谷歌表示自己什么都没有改变。
But behind the scenes, it seems like Google and other companies are ramping up their efforts to address the problem.
但在幕后,谷歌和其他公司似乎正在加大力度解决这个问题。
Even so, there is evidence that people are still using the exact same techniques to fool the world's biggest search engine.
即便如此,仍有证据表明,人们还在使用完全相同的手法来欺骗世界上最大的搜索引擎。
Typically, when you asked a chatbot a question, the AI generates a response based on the data built into the model.
通常,当你向聊天机器人提问时,AI 会根据内置于模型中的数据生成回答。
But sometimes, tools like ChatGPT, Claude and Google's various AI products search the internet for an answer.
但有时,ChatGPT、Claude 以及谷歌的各种 AI 产品等工具会在互联网上搜索答案。
And that's where this problem happens.
而这正是问题产生的地方。
According to Ray and other search engine experts, AI tools often throw up information from a single web page or social media posts.
据雷和其他搜索引擎专家说,AI 工具常常会从单个网页或社交媒体帖子中抛出信息。
This leaves these systems vulnerable to bogus information.
这使得这些系统容易受到虚假信息的影响。
And it turns out manipulating what chatbots tell the public can be as simple as publishing one, well-crafted blogpost almost anywhere online.
事实证明,操纵聊天机器人向公众传达的内容,可能简单到只需在网上几乎任何地方发布一篇精心编写的博客文章。
People figured this out and quickly identified a money-making opportunity.
人们弄明白了这一点,并迅速发现了一个赚钱机会。
I was able to demonstrate the problem by publishing a single article on my personal website about my hot-dog-eating prowess.
我通过在个人网站上发布一篇关于我吃热狗本领的文章,就成功演示了这个问题。
The next day, AI from some the world's biggest companies were spreading my lies.
第二天,来自世界上一些最大公司的 AI 正在传播我的谎言。
But our investigation also found the same trick being used to dismiss health concerns about medical supplements or influence financial information provided by Google's AI about retirement.
但我们的调查还发现,同样的伎俩也被用来淡化人们对医疗补充剂的健康担忧,或影响 Google 的 AI 提供的有关退休的金融信息。
Experts say this kind of manipulation is happening on a sweeping and systemic level.
专家表示,这种操纵正在广泛而系统性地发生。
Biased or inaccurate information like this can also lead you to make bad decisions.
这种带有偏见或不准确的信息也可能导致你做出错误决定。
It can influence how you might vote or which plumber you hire.
它可能影响你会如何投票,或者你会雇用哪位水管工。
"At the most basic level, the concern is the economic impact," says Harpreet Chatha, who runs the SEO consultancy Harps Digital.
“从最基本的层面看,令人担忧的是经济影响,”经营 SEO 咨询公司 Harps Digital 的哈普里特·查塔说。
"At a more serious level, you might take medical advice that makes you sicker than you were before.
“从更严重的层面来说,你可能会采纳医疗建议,结果让自己比以前病得更重。
Legally, you might get bad information and do something that is not legal in your state or your country."
从法律角度看,你可能会获得错误信息,并做出在你所在州或国家并不合法的事情。
This is not an insignificant problem.
这绝不是一个无足轻重的问题。
Globally, more than a billion people use AI chatbots regularly and 2.5 billion seeing Google's AI overviews each month.
在全球范围内,超过10亿人经常使用AI聊天机器人,每月有25亿人会看到谷歌的AI概览。
If you can subvert a tool like that, it gives you immense power.
如果你能操纵这样一个工具,它就会赋予你巨大的影响力。
But it seems Google and other companies are finally waking up to the problem.
但谷歌和其他公司似乎终于开始意识到这个问题。
Last week, Google updated its spam policies to officially confirm that attempts to manipulate AI responses are against the company's rules.
上周,谷歌更新了其垃圾信息政策,正式确认试图操纵 AI 回答的行为违反该公司的规则。
It may sound like a small change, but it signals that Google is pro-actively looking for those who try to abuse the system and sending them a threat.
这听起来或许只是一个小变化,但它表明谷歌正在主动寻找那些试图滥用系统的人,并向他们发出警告。
If a company or website is caught breaking the rules, it could be removed from or downranked in Google's search results.
如果某家公司或网站被发现违规,它可能会从谷歌搜索结果中被移除,或在结果中被降权。
And if you're not on Google, it's like you don't exist.
如果你没有出现在Google上,就好像你不存在一样。
Google says that I'm getting this wrong and nothing has changed.
谷歌表示我弄错了,实际情况并没有改变。
"The edit to our spam policy language last week was a clarification, not any change in approach," says Google's spokesperson.
Google发言人说:“我们上周对垃圾信息政策措辞的修改是一项澄清,并不是做法上的任何改变。”
Indeed, Google detailed it's anti-spam AI efforts in 2025.
确实,谷歌详细介绍了其在2025年的反垃圾信息AI工作。
But I did my hot dog experiment almost a year later, so clearly those efforts weren't working.
但我是在将近一年后才做了那个热狗实验,所以很明显,那些努力并没有奏效。
And just this week, an SEO specialist pulled the same stunt and made Google tell people he's good at building sandcastles.
就在本周,一名 SEO 专家也耍了同样的把戏,让 Google 告诉人们他很擅长堆沙堡。
Ray and Chatha also say they've noticed some significant changes in recent months that indicate Google and other companies are experimenting with solutions.
雷和查塔还表示,他们近几个月注意到一些重大变化,这表明谷歌和其他公司正在试验解决方案。
For example, Ray says it looks like Google and ChatGPT might be quietly removing companies from its AI answers when it suspects they're promoting themselves.
例如,雷说,当谷歌和 ChatGPT 怀疑一些公司在自我推广时,它们似乎可能会悄悄把这些公司从 AI 答案中移除。
"So if you publish a list where you say you're the greatest hot-dog-eater, they're not going to include your name," says Ray.
雷说:“所以,如果你发布一份榜单,说自己是最厉害的吃热狗选手,它们不会把你的名字列进去。”
"They might still citing your article, but you're going to be removed from consideration."
“它们也许仍会引用你的文章,但你会被排除在考虑范围之外。”
I've personally noticed some examples where Google and other AI tools are adding more labels to their responses, letting you know that the chatbot isn't confident about its answers.
我个人注意到一些例子,谷歌和其他人工智能工具正在给它们的回答添加更多标签,让你知道聊天机器人对自己的答案并没有把握。
Others have also noted that ChatGPT and Claude, an AI made by the company Anthropic, have started telling you explicitly that they're trying to root out spam in responses to some queries.
还有人注意到,ChatGPT 和由 Anthropic 公司开发的 AI Claude 已开始明确告诉用户,它们正在尝试清除某些查询回答中的垃圾信息。
Ray says she's noticed Google adding more caveats, recommending that you go look at third-party reviews when you ask questions related to some purchasing decisions.
雷说,她注意到谷歌增加了更多提示性说明,当你询问某些与购买决策有关的问题时,它会建议你去查看第三方评论。
None of these companies would acknowledge these changes when I asked them.
当我询问这些公司时,没有一家愿意承认这些变化。
OpenAI and Anthropic declined to comment.
OpenAI 和 Anthropic 拒绝置评。
Google's spokesperson didn't respond to my questions on this.
谷歌发言人没有回应我对此事提出的问题。
• People are selling your address online - this privacy tool will help
• 有人在网上出售你的地址——这个隐私工具会有帮助。
Regardless, Chatha is sceptical changes like these will be enough.
不过,查塔怀疑这类改变是否足够。
"Google is playing whack-a-mole," he says.
他说:“Google 正在打一场打地鼠式的持久战。”
"They're announcing [the policy update] to deter people, but the tactics will just move."
“他们宣布这项政策更新是为了震慑人们,但那些手法只会转移阵地。”
He's already seeing it happen.
他已经看到这种情况发生了。
As Google cracks down on manipulative blog posts, companies are finding subtler ways of promoting themselves.
随着 Google 打击带有操纵性的博客文章,企业正在寻找更隐蔽的方式来宣传自己。
"You can give a company a penalty for their website," he says, "but there's nothing stopping them from paying 20 YouTube influencers to say their product is the best."
他说:“你可以因为一家公司的网站而处罚它,但没有什么能阻止它花钱请 20 位 YouTube 网红说它的产品是最好的。”
And now, Google's AI is citing YouTube videos.
而现在,谷歌的 AI 正在引用 YouTube 视频。
The cycle continues.
这个循环还会继续。
For the time being, the manipulators are likely to stay one step ahead.
眼下,这些操纵者很可能仍会领先一步。
Ray says the best defence is to remember what AI actually is: a tool that confidently gives you one answer, whether it's right or wrong.
雷说,最好的防范方式是记住 AI 到底是什么:一个会自信地给你一个答案的工具,不管这个答案是对是错。
Just because it looks like a giant tech company is speaking to you instead of some random website doesn't mean you should have faith.
仅仅因为看起来是在由一家科技巨头对你说话,而不是某个随机网站在发声,并不意味着你就应该相信它。
For more technology news and insights, sign up to our Tech Decoded newsletter, while The Essential List delivers a handpicked selection of features and insights to your inbox twice a week.
如需获取更多科技新闻和洞见,请订阅我们的 Tech Decoded 新闻简报;The Essential List 则会每周两次把精选专题和见解发送到你的收件箱。
For more science, technology, environment and health stories from the BBC, follow us on Facebook and Instagram.
想阅读更多 BBC 关于科学、技术、环境和健康的报道,请在 Facebook 和 Instagram 上关注我们。