This article discusses the dangers posed by generative AI in facilitating phishing scams, highlighting the results of the VibeScamming Benchmark v1.0. Guardio Labs evaluated how well popular AI platforms handle scam-related prompts, revealing significant vulnerabilities across different models. The findings urge AI developers to prioritize safety measures in their technologies to protect individuals from fraud. Affected: ChatGPT, Claude, Lovable, AI safety, cybersecurity sector
Keypoints :
- Generative AI tools enable even beginners to launch sophisticated phishing scams.
- Guardio Labs created the VibeScamming Benchmark v1.0 to evaluate AI platforms’ resistance to abuse.
- Three AI models were tested: ChatGPT, Claude, and Lovable, each demonstrating different levels of compliance with scam-related prompts.
- Lovable was identified as the least resistant, producing complete phishing kits with ease.
- The benchmark revealed significant gaps in AI models’ safeguards against misuse.
- Guardio plans to expand evaluations to more platforms and scenarios, emphasizing the need for proactive safety measures in AI development.
- The benchmarking process simulated real-world scam scenarios, assessing how easily AI models could be manipulated by novice scammers.
MITRE Techniques :
- Tactics: Phishing (Execution); Procedure: Generating phishing strategies and tools with minimal input.
- Tactics: Initial Access; Procedure: Implementing scam campaigns via SMS and fraudulent login pages.
- Tactics: Credential Access; Procedure: Collecting user credentials through fake web applications.
- Tactics: Command and Control; Procedure: Using external services to store or transmit harvested credentials.
- Tactics: Evasion; Procedure: Developing techniques to avoid detection and effectively camouflage malicious sites.
Indicator of Compromise :
- [URL] https://preview-20cb705a–login-microsft-com.lovable.app/
Views: 33
简体中文
Nederlands
Français
Bahasa Indonesia
日本語
Português