Jailbreaking Generative AI: Empowering Novices to Conduct Phishing Attacks

• URL: http://arxiv.org/abs/2503.01395v1
• Date: Mon, 03 Mar 2025 10:51:10 GMT
• Title: Jailbreaking Generative AI: Empowering Novices to Conduct Phishing Attacks
• Authors: Rina Mishra, Gaurav Varshney, Shreya Singh,
• Abstract summary: This paper investigates the misuse of the latest AI model, ChatGPT-4o Mini, in facilitating social engineering attacks.<n>Our findings underscore the alarming ease with which even inexperienced users can execute sophisticated phishing campaigns.
• Score: 0.40964539027092917
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: The rapid advancements in generative AI models, such as ChatGPT, have introduced both significant benefits and new risks within the cybersecurity landscape. This paper investigates the potential misuse of the latest AI model, ChatGPT-4o Mini, in facilitating social engineering attacks, with a particular focus on phishing, one of the most pressing cybersecurity threats today. While existing literature primarily addresses the technical aspects, such as jailbreaking techniques, none have fully explored the free and straightforward execution of a comprehensive phishing campaign by novice users using ChatGPT-4o Mini. In this study, we examine the vulnerabilities of AI-driven chatbot services in 2025, specifically how methods like jailbreaking and reverse psychology can bypass ethical safeguards, allowing ChatGPT to generate phishing content, suggest hacking tools, and assist in carrying out phishing attacks. Our findings underscore the alarming ease with which even inexperienced users can execute sophisticated phishing campaigns, emphasizing the urgent need for stronger cybersecurity measures and heightened user awareness in the age of AI.

Related papers

• Countering Autonomous Cyber Threats [40.00865970939829]
  Foundation Models present dual-use concerns broadly and within the cyber domain specifically. Recent research has shown the potential for these advanced models to inform or independently execute offensive cyberspace operations. This work evaluates several state-of-the-art FMs on their ability to compromise machines in an isolated network and investigates defensive mechanisms to defeat such AI-powered attacks.
  arXiv  Detail & Related papers  (2024-10-23T22:46:44Z)
• Is Generative AI the Next Tactical Cyber Weapon For Threat Actors? Unforeseen Implications of AI Generated Cyber Attacks [0.0]
  This paper delves into the escalating threat posed by the misuse of AI, specifically through the use of Large Language Models (LLMs) Through a series of controlled experiments, the paper demonstrates how these models can be manipulated to bypass ethical and privacy safeguards to effectively generate cyber attacks. We also introduce Occupy AI, a customized, finetuned LLM specifically engineered to automate and execute cyberattacks.
  arXiv  Detail & Related papers  (2024-08-23T02:56:13Z)
• AbuseGPT: Abuse of Generative AI ChatBots to Create Smishing Campaigns [0.0]
  We propose AbuseGPT method to show how the existing generative AI-based chatbots can be exploited by attackers in real world to create smishing texts. We have found strong empirical evidences to show that attackers can exploit ethical standards in the existing generative AI-based chatbots services. We also discuss some future research directions and guidelines to protect the abuse of generative AI-based services.
  arXiv  Detail & Related papers  (2024-02-15T05:49:22Z)
• Exploring the Dark Side of AI: Advanced Phishing Attack Design and Deployment Using ChatGPT [2.4178831487657937]
  We make ChatGPT generate the following parts of a phishing attack. We show that recent advances in AI underscore the potential risks of its misuse in phishing attacks.
  arXiv  Detail & Related papers  (2023-09-19T09:31:39Z)
• From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy [0.0]
  This research paper highlights the limitations, challenges, potential risks, and opportunities of GenAI in the domain of cybersecurity and privacy. The paper investigates how cyber offenders can use the GenAI tools in developing cyber attacks. We will also discuss the social, legal, and ethical implications of ChatGPT.
  arXiv  Detail & Related papers  (2023-07-03T00:36:57Z)
• Chatbots to ChatGPT in a Cybersecurity Space: Evolution, Vulnerabilities, Attacks, Challenges, and Future Recommendations [6.1194122931444035]
  OpenAI developed ChatGPT blizzard on the Internet as it crossed one million users within five days of its launch. With the enhanced popularity, ChatGPT experienced cybersecurity threats and vulnerabilities.
  arXiv  Detail & Related papers  (2023-05-29T12:26:44Z)
• Towards Automated Classification of Attackers' TTPs by combining NLP with ML Techniques [77.34726150561087]
  We evaluate and compare different Natural Language Processing (NLP) and machine learning techniques used for security information extraction in research. Based on our investigations we propose a data processing pipeline that automatically classifies unstructured text according to attackers' tactics and techniques.
  arXiv  Detail & Related papers  (2022-07-18T09:59:21Z)
• Proceedings of the Artificial Intelligence for Cyber Security (AICS) Workshop at AAAI 2022 [55.573187938617636]
  The workshop will focus on the application of AI to problems in cyber security. Cyber systems generate large volumes of data, utilizing this effectively is beyond human capabilities.
  arXiv  Detail & Related papers  (2022-02-28T18:27:41Z)
• A System for Efficiently Hunting for Cyber Threats in Computer Systems Using Threat Intelligence [78.23170229258162]
  We build ThreatRaptor, a system that facilitates cyber threat hunting in computer systems using OSCTI. ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, and (3) a query synthesis mechanism that automatically synthesizes a TBQL query from the extracted threat behaviors.
  arXiv  Detail & Related papers  (2021-01-17T19:44:09Z)
• Enabling Efficient Cyber Threat Hunting With Cyber Threat Intelligence [94.94833077653998]
  ThreatRaptor is a system that facilitates threat hunting in computer systems using open-source Cyber Threat Intelligence (OSCTI) It extracts structured threat behaviors from unstructured OSCTI text and uses a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities. Evaluations on a broad set of attack cases demonstrate the accuracy and efficiency of ThreatRaptor in practical threat hunting.
  arXiv  Detail & Related papers  (2020-10-26T14:54:01Z)
• Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
  This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
  arXiv  Detail & Related papers  (2020-07-05T18:22:40Z)
• Phishing and Spear Phishing: examples in Cyber Espionage and techniques to protect against them [91.3755431537592]
  Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards. This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5 steps which magnify the outcome.
  arXiv  Detail & Related papers  (2020-05-31T18:10:09Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.