The allegation centres on an AI-powered help feature intended to guide users through account recovery, settings changes and login problems. Security researchers say the system could allegedly be prompted in ways that allowed unauthorised parties to trigger or redirect password reset actions without adequate identity checks. Meta has not publicly confirmed that an Instagram account takeover route through Meta AI operated in the manner described, but the claim has sharpened scrutiny of how artificial intelligence is being connected to sensitive account functions.
The reported flaw follows a wider wave of concern around unsolicited Instagram password reset emails earlier this year, when users in several countries received reset messages they had not requested. Meta said at the time that no breach of its systems had occurred and that the issue allowed an external party to request password reset emails for some users. The company said the problem had been fixed and that accounts remained secure.
The latest allegation is more serious in scope because it raises questions not only about reset emails but about whether AI-driven support tools can be induced to carry out account recovery steps without the same safeguards expected in traditional security workflows. Account recovery is one of the most sensitive parts of any consumer platform because it sits at the junction of identity verification, email access, phone number validation and device history.
Meta has been expanding AI-assisted support across Facebook and Instagram as part of a wider effort to reduce friction for users locked out of accounts or struggling to navigate support menus. The company has promoted the tools as a faster way to resolve problems, offering help with hacked accounts, password changes, privacy settings and profile management. The shift reflects a broader technology industry trend: platforms are placing conversational AI between users and complex support systems, including areas previously handled by rigid forms or human review.
That transition carries operational advantages but also creates a new risk surface. Traditional account recovery systems depend on fixed rules, such as sending reset links only to verified contact points, checking device and location signals, and applying rate limits. AI assistants add a conversational layer that can interpret user intent and initiate actions. If the system’s permissions are too broad or its guardrails too weak, attackers may try to manipulate it through prompt injection, social engineering or repeated automated requests.
Security specialists have warned that AI support tools must be treated as privileged interfaces rather than customer service chatbots. A support assistant that can trigger account actions should be subject to strict authentication checks before taking any step that changes access, sends codes, alters recovery details or escalates an appeal. The same safeguards should apply even when the AI appears to be assisting a distressed user claiming to be locked out.
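The safeguard the specialists describe can be made concrete as a reference monitor that sits between the assistant and the reset action: the model's tool call is treated as untrusted input, and the gate decides using only server-side records (the verified contact on file, the session's own account, a per-account rate limit). The following is an added illustration written for this article, not Meta's or Instagram's code; the account store, the `send_reset_link` action name and the `RecoveryGate` class are all constructed for the example.

```python
"""Added example: a policy gate between an AI support assistant and the
password-reset action.  Everything the model emits is untrusted; the
delivery address and the authorization decision come from records only."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed stand-in for the platform's account store (hypothetical data).
ACCOUNTS: Dict[str, str] = {
    "acct-1001": "alice@example.com",   # account id -> verified recovery email
    "acct-2002": "bob@example.com",
}

# The only action the assistant may request through this gate (hypothetical name).
ALLOWED_ACTIONS = frozenset({"send_reset_link"})


@dataclass
class ToolCall:
    """A tool call emitted by the assistant.  Every field is derived from the
    conversation, so every field is untrusted: prompt injection, social
    engineering and automated replay all arrive here."""
    action: str
    account_id: str
    deliver_to: Optional[str] = None   # where the model *asks* to send the link


@dataclass
class Decision:
    allowed: bool
    deliver_to: Optional[str]          # address actually used, from records only
    reason: str                        # internal log reason, not shown to the user
    flags: List[str] = field(default_factory=list)   # detection signals for the SOC


class RecoveryGate:
    """Reference monitor: the model proposes, the gate disposes."""

    def __init__(self, max_resets_per_window: int = 3) -> None:
        self.max_resets = max_resets_per_window
        self.reset_count: Dict[str, int] = {}   # per target account, per window

    def authorize(self, call: ToolCall, session_account: Optional[str]) -> Decision:
        """session_account is the account the caller proved ownership of
        (password/2FA) in this session, or None for a locked-out visitor."""
        flags: List[str] = []

        # 1. Fixed allow-list of actions; nothing in the chat can widen it.
        if call.action not in ALLOWED_ACTIONS:
            return Decision(False, None, "action not permitted via assistant", flags)

        # 2. A logged-in session may only act on its own account, whatever
        #    the assistant was persuaded to request.
        if session_account is not None and session_account != call.account_id:
            flags.append("cross_account_request")
            return Decision(False, None, "session not bound to target account", flags)

        # 3. The target account must exist; the assistant only ever relays a
        #    generic message, so this branch does not leak account existence.
        on_record = ACCOUNTS.get(call.account_id)
        if on_record is None:
            return Decision(False, None, "unknown account", flags)

        # 4. Rate limit per target account, independent of who is asking, so
        #    repeated automated requests hit the same ceiling as a human.
        n = self.reset_count.get(call.account_id, 0)
        if n >= self.max_resets:
            flags.append("rate_limited")
            return Decision(False, None, "reset rate limit reached", flags)
        self.reset_count[call.account_id] = n + 1

        # 5. The link goes only to the verified contact on record.  A model
        #    that was talked into naming another address is ignored and flagged.
        if call.deliver_to is not None and call.deliver_to.lower() != on_record.lower():
            flags.append("model_supplied_address_ignored")
        return Decision(True, on_record, "reset link sent to verified contact", flags)


if __name__ == "__main__":
    gate = RecoveryGate()
    # Authenticated Alice; the assistant was induced to redirect the link.
    print(gate.authorize(ToolCall("send_reset_link", "acct-1001", "other@example.com"), "acct-1001"))
    # Anonymous locked-out flow: link goes only to the address on file.
    print(gate.authorize(ToolCall("send_reset_link", "acct-2002"), None))
```

The design point is that the conversational layer never holds the authority: the gate ignores the model's requested delivery address, refuses cross-account requests from an authenticated session, caps resets per target account, and records the anomalies as flags so that a detection pipeline can see when the assistant is being steered.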
Instagram is a particularly attractive target because compromised accounts can be monetised quickly. High-follower profiles are used for cryptocurrency scams, fake investment promotions, impersonation, phishing campaigns and resale in underground markets. Attackers also target business accounts because they may have advertising access, linked payment methods or trusted relationships with customers.
The alleged vulnerability has not been independently documented in a full technical disclosure, and key details remain unclear, including whether the weakness affected a live Instagram deployment, a limited test group or a related support pathway. Claims circulating in cybersecurity forums suggested that high-value accounts may have been targeted, but there has been no confirmed public count of affected users. That uncertainty makes the case difficult to assess while still underscoring the need for stronger transparency when AI systems handle security-sensitive tasks.
Meta’s broader account security posture has relied increasingly on automated detection, device recognition and behavioural signals. The company has said its systems analyse activity patterns to spot hacking and phishing attempts and direct users towards safer recovery options. Yet large platforms face a persistent challenge: reducing support delays for genuine users while preventing attackers from abusing the same recovery mechanisms.
Also published on Medium.