Skip to main content
Springer Nature Link
Log in

Towards a Proof-of-Principle of an LLM-Powered Low Resource Social Engineering Attack Coach

  • Conference paper
  • First Online:
Augmented Cognition (HCII 2025)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 15778))

Included in the following conference series:

  • 282 Accesses

Abstract

This article investigates the potential misuse of large language models (LLM) for low-resource, highly personalised social engineering attacks. The study explores how ChatGPT can infer personality traits during natural conversations by leveraging publicly available personal information, such as social media data, as an entry point. Utilising the social engineering personality framework (SEPF), the research endeavours to optimise attack vectors based on the Big Five personality traits, with the objective of enhancing the persuasiveness of social engineering strategies. The approach is divided into four phases: verifying conversational capabilities, conducting personality analyses, applying the SEPF for attack optimisation, and evaluating the persuasiveness of personalised attacks. The present paper offers a proof-of-principle for the initial phase, demonstrating ChatGPT’s capacity to engage in natural conversations while conducting personality analyses in a discreet manner. The findings indicate that while ChatGPT exhibits the capacity to simulate human-like interactions, limitations in conversational variance and the reliability of personality assessment were observed. The study identifies challenges such as generalisations, lack of score differentiation, and confirmation bias, and proposes refinements like increasing interaction depth, adjusting scoring scales, and using tailored personas. Subsequent research will investigate enhanced personality inference techniques, personalisation of attack vectors, and their impact on susceptibility to social engineering attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+
from €39.99 /Month
  • Starting from 10 chapters or articles per month
  • Access and download chapters and articles from more than 300k books and 2,500 journals
  • Cancel anytime
View plans

Buy Now

Chapter
EUR 29.95
Price includes VAT (Germany)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
EUR 69.54
Price includes VAT (Germany)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
EUR 87.73
Price includes VAT (Germany)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

') var buybox = document.querySelector("[data-id=id_"+ timestamp +"]").parentNode var buyingOptions = buybox.querySelectorAll(".buying-option") ;[].slice.call(buyingOptions).forEach(initCollapsibles) var buyboxMaxSingleColumnWidth = 480 function initCollapsibles(subscription, index) { var toggle = subscription.querySelector(".buying-option-price") subscription.classList.remove("expanded") var form = subscription.querySelector(".buying-option-form") var priceInfo = subscription.querySelector(".price-info") var buyingOption = toggle.parentElement if (toggle && form && priceInfo) { toggle.setAttribute("role", "button") toggle.setAttribute("tabindex", "0") toggle.addEventListener("click", function (event) { var expandedBuyingOptions = buybox.querySelectorAll(".buying-option.expanded") var buyboxWidth = buybox.offsetWidth ;[].slice.call(expandedBuyingOptions).forEach(function(option) { if (buyboxWidth buyboxMaxSingleColumnWidth) { toggle.click() } else { if (index === 0) { toggle.click() } else { toggle.setAttribute("aria-expanded", "false") form.hidden = "hidden" priceInfo.hidden = "hidden" } } }) } initialStateOpen() if (window.buyboxInitialised) return window.buyboxInitialised = true initKeyControls() })()

Institutional subscriptions

Similar content being viewed by others

References

  1. Azucar, D., Marengo, D., Settanni, M.: Predicting the big 5 personality traits from digital footprints on social media: a meta-analysis. Pers. Individ. Differ. 124, 150–159 (2018)

    Article  Google Scholar 

  2. Cialdini, R.B.: Principles and techniques of social influence. Adv. Soc. Psychol. 256, 281 (1995)

    Google Scholar 

  3. Danner, D., et al.: Die deutsche version des big five inventory 2 (bfi-2). Zusammenstellung sozialwissenschaftlicher Items und Skalen (ZIS) (2016)

    Google Scholar 

  4. Deshpande, A., Murahari, V., Rajpurohit, T., Kalyan, A., Narasimhan, K.: Toxicity in chatgpt: analyzing persona-assigned language models. arXiv preprint arXiv:2304.05335 (2023)

  5. Evangelista, J., Sassi, R.J., Romero, M., Napolitano, D.: Systematic literature review to investigate the application of open source intelligence (OSINT) with artificial intelligence. J. Appl. Secur. Res. 16(3), 345–369 (2021)

    Article  Google Scholar 

  6. Gupta, M., Akiri, C., Aryal, K., Parker, E., Praharaj, L.: From chatgpt to threatgpt: impact of generative AI in cybersecurity and privacy. IEEE Access (2023)

    Google Scholar 

  7. Jones, C.R., Bergen, B.K.: People cannot distinguish GPT-4 from a human in a turing test. arXiv preprint arXiv:2405.08007 (2024)

  8. Matz, S., Teeny, J., Vaid, S.S., Peters, H., Harari, G., Cerf, M.: The potential of generative AI for personalized persuasion at scale. Sci. Rep. 14(1), 4692 (2024)

    Article  Google Scholar 

  9. McCrae, R.R., John, O.P.: An introduction to the five-factor model and its applications. J. Pers. 60(2), 175–215 (1992)

    Article  Google Scholar 

  10. OpenAI: GPT-4 technical report. arXiv preprint arXiv:2303.08774 (2023)

  11. Park, J.S., et al.: Generative agent simulations of 1,000 people. arXiv preprint arXiv:2411.10109 (2024)

  12. Parrish, J.L., Jr., Bailey, J.L., Courtney, J.F.: A personality based model for determining susceptibility to phishing attacks. Little Rock: University of Arkansas, pp. 285–296 (2009)

    Google Scholar 

  13. Pastor-Galindo, J., Nespoli, P., Mármol, F.G., Pérez, G.M.: The not yet exploited goldmine of OSINT: opportunities, open challenges and future trends. IEEE Access 8, 10282–10304 (2020)

    Article  Google Scholar 

  14. Peters, H., Cerf, M., Matz, S.C.: Large language models can infer personality from free-form user interactions. arXiv preprint arXiv:2405.13052 (2024)

  15. Peters, H., Matz, S.C.: Large language models can infer psychological dispositions of social media users. PNAS Nexus 3(6), 231 (2024)

    Article  Google Scholar 

  16. Schmitt, M., Flechais, I.: Digital deception: generative artificial intelligence in social engineering and phishing. Artif. Intell. Rev. 57(12), 1–23 (2024)

    Article  Google Scholar 

  17. Soto, C.J., John, O.P.: The next big five inventory (BFI-2): developing and assessing a hierarchical model with 15 facets to enhance bandwidth, fidelity, and predictive power. J. Pers. Soc. Psychol. 113(1), 117 (2017)

    Article  Google Scholar 

  18. Stachl, C., et al.: Predicting personality from patterns of behavior collected with smartphones. Proc. Natl. Acad. Sci. 117(30), 17680–17687 (2020)

    Article  Google Scholar 

  19. Szymoniak, S., Foks, K.: Open source intelligence opportunities and challenges–a review. Adv. Sci. Technol. Res. J. 18(3) (2024)

    Google Scholar 

  20. Uebelacker, S., Quiel, S.: The social engineering personality framework. In: 2014 Workshop on Socio-Technical Aspects in Security and Trust, pp. 24–30. IEEE (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Albstadt-Sigmaringen University, Albstadt, Germany

    Lea Müller, Stefan Sütterlin & Holger Morgenstern

  2. Østfold University College, Halden, Norway

    Stefan Sütterlin

Authors
  1. Lea Müller
    View author publications

    Search author on:PubMed Google Scholar

  2. Stefan Sütterlin
    View author publications

    Search author on:PubMed Google Scholar

  3. Holger Morgenstern
    View author publications

    Search author on:PubMed Google Scholar

Corresponding author

Correspondence to Lea Müller .

Editor information

Editors and Affiliations

  1. Soar Technology Inc., Orlando, FL, USA

    Dylan D. Schmorrow

  2. Katmai Government Services, Orlando, FL, USA

    Cali M. Fidopiastis

Ethics declarations

Disclosure of Interests

The authors have no competing interests to declare that are relevant to the content of this article.

Rights and permissions

Reprints and permissions

Copyright information

© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Müller, L., Sütterlin, S., Morgenstern, H. (2025). Towards a Proof-of-Principle of an LLM-Powered Low Resource Social Engineering Attack Coach. In: Schmorrow, D.D., Fidopiastis, C.M. (eds) Augmented Cognition. HCII 2025. Lecture Notes in Computer Science(), vol 15778. Springer, Cham. https://doi.org/10.1007/978-3-031-93724-8_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-93724-8_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-93723-1

  • Online ISBN: 978-3-031-93724-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics