{"id":30253,"date":"2026-04-15T18:40:18","date_gmt":"2026-04-15T17:40:18","guid":{"rendered":"https:\/\/www.kaspersky.co.uk\/blog\/?p=30253"},"modified":"2026-04-15T18:40:18","modified_gmt":"2026-04-15T17:40:18","slug":"be-my-eyes-ai-safety-for-visually-impaired","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.uk\/blog\/be-my-eyes-ai-safety-for-visually-impaired\/30253\/","title":{"rendered":"How people with visual impairments can stay safe from cyberthreats"},"content":{"rendered":"

In 2023, Tim Utzig, a blind student from Baltimore, lost<\/a> a thousand dollars to a laptop scam on X. Tim had been a long-time follower of a well-known sports journalist. When that journalist\u2019s account started posting about a \u201ccharity sale\u201d of brand-new MacBook Pros, Tim jumped at the chance to get a deal on a laptop he needed for his studies. After a few quick messages, he sent over the money.<\/p>\n

Unfortunately, the journalist\u2019s account had been hacked, and Tim\u2019s cash went straight to scammers. The red flags were strictly visual: the page had been flagged as \u201ctemporarily restricted\u201d, and both the bio and the Following list had changed. However, Tim\u2019s screen reader \u2014 the software that converts on-screen text and graphics into speech \u2014 didn\u2019t announce any of those warnings.<\/p>\n

Screen readers allow blind users to navigate the digital world like everyone else. However, this community remains uniquely vulnerable. Even for sighted users, spotting a fake website is a challenge; for someone with a visual impairment, it\u2019s an even steeper uphill battle.<\/p>\n

Beyond screen readers, there are specialized mobile apps and services designed to assist the blind and low-vision community, with Be My Eyes<\/a> being one of the most popular. The app connects users with sighted volunteers via a live video call to tackle everyday tasks \u2014 like setting an oven dial or locating an object on a desk. Be My Eyes also features integrated AI that can scan and narrate text or identify objects in the user\u2019s environment.<\/p>\n

But can these tools go beyond daily chores? Can they actually flag a phishing attempt or catch the hidden fine print when someone is opening a bank account?<\/p>\n

Today we explore the specific online hurdles visually impaired users face, when it makes sense to lean on human or virtual assistants, and how to stay secure when using these types of services.<\/p>\n

Common cyberthreats facing the blind and low-vision community<\/h2>\n

To start, let\u2019s clarify the difference between these two groups. Low-vision users still rely on their remaining sight, even though their visual function is significantly reduced. To navigate digital interfaces, they often use screen magnifiers, extra-large fonts, and high-contrast settings. For them, phishing sites and emails are particularly dangerous. It\u2019s easy to miss intentional typos \u2014 known as typosquatting<\/a> \u2014 in a domain name or email address, such as the recent example of rnicrosoft{.}com.<\/p>\n

Blind users navigate primarily by sound, using screen readers and specific touch gestures. Interestingly, though, unlike those with low vision, blind users are more likely to spot a phishing site using a screen reader: as the software reads the URL aloud, the user will hear that something is off. However, if a service \u2014 whether legitimate or malicious \u2014 isn\u2019t fully compatible with screen readers, the risk of falling victim to a scam increases. This is exactly what happened to Tim Utzig.<\/p>\n

It\u2019s important to remember that screen magnifiers and readers are basic accessibility tools. They\u2019re designed to enlarge or narrate an interface \u2014 not act as a security suite. They can\u2019t warn the user of a threat on their own. That\u2019s where more advanced software \u2014 tools that can analyze images and files, flag suspicious language, and describe the broader context of what\u2019s happening on-screen \u2014 comes into play.<\/p>\n

When to lean on an assistant<\/h2>\n

Be My Eyes<\/a> is a major player in the accessibility space, boasting around 900\u00a0000 users and over nine million volunteers<\/a>. Available on Windows, Android, and iOS, it bridges the gap by connecting blind and low-vision users with sighted volunteers via video calls for help with everyday tasks. For example, if someone wants to run a Synthetics cycle on their washing machine but can\u2019t find the right button, they can hop into the app. It connects them with the first available volunteer speaking their language, who then uses the smartphone\u2019s camera to guide them. The service is currently available in 32 languages.<\/p>\n

In 2023, the app expanded its capabilities with the release of Be My AI \u2014 a virtual assistant powered by OpenAI\u2019s GPT-4. Users take a photo, and the AI analyzes the image to provide a detailed text description, which it also reads aloud. Users can even open a chat window to ask follow-up questions. This got us thinking: could this AI actually spot a phishing site?<\/p>\n

As an experiment, we uploaded a screenshot of a fake social media sign-in page to Be My Eyes. On a phone, you can do this by selecting a photo in your gallery or files, hitting Share<\/em>, and choosing Describe with Be My Eyes<\/em>. In Windows, you can upload a screenshot directly.<\/p>\n

\"Fake<\/a>

An example of a phishing page that mimics the Facebook sign-in form. Note the incorrect domain in the address bar<\/p><\/div>\n

At first, the AI gave us a detailed description of the page. We then followed up in the chat: \u201cCan I trust this page?\u201d The AI flagged the domain name error immediately, advised us to close the fake login page, and suggested typing the official URL directly into the browser, or to use the official Facebook app.<\/p>\n

\"Be<\/a>

Be My AI explains why the page looks sketchy: the domain doesn\u2019t match the official site. The app suggests typing the official URL directly into the browser, or using the official Facebook app<\/p><\/div>\n

We saw the same positive results when testing a phishing email. In fact, the AI flagged the scam during its initial description of the message. It wrapped up with a warning: \u201cThis looks like a suspicious email. It\u2019s best not to open any attachments or click any links. Instead, navigate to the official website or app manually, or call the number listed on their official site\u201d.<\/p>\n

Beyond just spotting cyberthreats, Be My AI is a solid sidekick for navigating online stores, banking apps, and digital services. For instance, the AI can help you to:<\/p>\n