Personalized Attacks of Social Engineering in Multi-turn Conversations: LLM Agents for Simulation and Detection
Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:LMX5TPR4record.jsonopen to challenge →
read the original abstract
The rapid advancement of conversational agents, particularly chatbots powered by Large Language Models (LLMs), poses a significant risk of social engineering (SE) attacks on social media platforms. SE detection in multi-turn, chat-based interactions is considerably more complex than single-instance detection due to the dynamic nature of these conversations. A critical factor in mitigating this threat is understanding the SE attack mechanisms through which SE attacks operate, specifically how attackers exploit vulnerabilities and how victims' personality traits contribute to their susceptibility. In this work, we propose an LLM-agentic framework, SE-VSim, to simulate SE attack mechanisms by generating multi-turn conversations. We model victim agents with varying personality traits to assess how psychological profiles influence susceptibility to manipulation. Using a dataset of over 1000 simulated conversations, we examine attack scenarios in which adversaries, posing as recruiters, funding agencies, and journalists, attempt to extract sensitive information. Based on this analysis, we present a proof of concept, SE-OmniGuard, to offer personalized protection to users by leveraging prior knowledge of the victims personality, evaluating attack strategies, and monitoring information exchanges in conversations to identify potential SE attempts.
This paper has not been read by Pith yet.
Forward citations
Cited by 3 Pith papers
-
Agentic AI-Powered Re-Identification: An Emerging, Scalable Threat to Mobility Microdata Privacy
Agentic AI re-identifies 72% of individuals from simulated mobility traces by cross-referencing public web sources without human intervention.
-
When Should Memory Stay Silent: Measuring Memory-Use Boundaries in Memory-Augmented Conversational Agents
RBI-Eval shows LLMs integrate sensitive memory under benign prompts at rates 8.9-82.9% higher than no-memory baselines, with retrieval systems reducing but not eliminating the effect.
-
An LLM-based Chain-of-Response Counter-Scam System
Counter Scam is a multiagent LLM system that integrates safe data handling, nine role-specific NLP tasks, and a 185k-case scam corpus, with fine-tuned small models beating commercial LLMs by over 10% on those tasks.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.