Gemini lied today - in a very dangerous way, showing a big alignment problem.
Google's AI confidently spreads security misinformation that could enable phishing attacks.
A user testing Gemini for phishing analysis discovered the AI repeatedly and confidently hallucinated about SSL certificate security. When asked about Pfizer's clinical trials site certificate, Gemini incorrectly insisted it was an Organization Validation (OV) certificate with verified corporate details, when it was actually a basic Domain Validation (DV) certificate. The AI fabricated specific organizational data including "Pfizer Inc." and "New York" location details that don't exist in the actual certificate.
Why It Matters
This demonstrates dangerous alignment failures where AI provides authoritative but false security advice that could mislead users about website trustworthiness.