Social Engineering at Scale

Social Engineering at Scale. Advanced AI agents will be more easily able to interact with large numbers of humans, and vice versa. This provides a wider attack surface for various forms of automated social engineering (Ai et al., 2024). For example, coordinated agents could use advanced surveillance tools and produce personalized phishing or manipulative content at scale, adjusting their tactics based on user feedback (Figueiredo et al., 2024; Hazell, 2023). A large number of subtle interactions with a range of seemingly independent AI agents might be more likely to lead to someone being persuaded or manipulated compared to an interaction with a single agent. Moreover, splitting these efforts among many specialized agents could make it harder for corporate or personal security measures to detect and neutralize such campaigns.

Source: MIT AI Risk Repository (mit1245)

ENTITY

2 - AI

INTENT

1 - Intentional

TIMING

2 - Post-deployment

Risk ID

mit1245

Domain lineage

7. AI System Safety, Failures, & Limitations

375 mapped risks

7.6 > Multi-agent risks

Mitigation strategy

1. **Implement Robust Agent Identity and Authorization Controls.** Mandate cryptographically secure, automated Multi-Factor Authentication (MFA) for all AI agents, utilizing mechanisms such as short-lived certificates and hardware security modules (HSMs). Concurrently, enforce the Principle of Least Privilege (PoLP) to strictly limit agent agency and scope to the minimum permissions required for their assigned task, thereby minimizing potential impact upon system compromise.

2. **Deploy Continuous Behavioral Analytics and Cross-Agent Correlation.** Establish baseline behavioral profiles for all agents and implement advanced security monitoring platforms (SIEM, SOAR) to track agent activity logs. The system must utilize cross-agent correlation to detect anomalous patterns of coordination, infer deceptive intent, and identify systemic failure cascades that characterize scaled influence campaigns.

3. **Formalize Cross-Channel Communication Protocols and Security Culture.** Establish and rigorously enforce clear organizational communication protocols, mandating two-factor, non-digital verification for all high-consequence requests (e.g., financial transfers, sensitive data access). Furthermore, cultivate an open security culture that empowers all employees to challenge or flag any suspicious, authority-exploiting communication without fear of reprisal.
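The cross-agent correlation called for in the mitigation strategy can be illustrated with a small detection sketch. This is an added example, not part of the repository entry: the log fields, the 24-hour window and the three-agent threshold are assumptions, and the events are constructed sample data. It contrasts a per-agent volume check, which stays silent when effort is split across many agents, with a per-recipient check that counts distinct agents.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample of outbound-message log records (not real data):
# (timestamp, sending agent identity, human recipient)
EVENTS = [
    ("2024-05-01T09:00", "agent-a", "alice@example.com"),
    ("2024-05-01T13:30", "agent-b", "alice@example.com"),
    ("2024-05-01T20:15", "agent-c", "alice@example.com"),
    ("2024-05-02T08:00", "agent-d", "alice@example.com"),
    ("2024-05-01T10:00", "agent-a", "bob@example.com"),
    ("2024-05-03T10:00", "agent-a", "bob@example.com"),
    ("2024-05-01T11:00", "agent-e", "carol@example.com"),
    ("2024-05-04T11:00", "agent-b", "carol@example.com"),
]

def per_agent_alerts(events, max_msgs=5):
    """Per-agent baseline: agents whose total message volume exceeds max_msgs."""
    volume = Counter(agent for _ts, agent, _rcpt in events)
    return sorted(a for a, n in volume.items() if n > max_msgs)

def cross_agent_alerts(events, window=timedelta(hours=24), min_agents=3):
    """Recipients contacted by >= min_agents distinct agents inside one window.
    The window and threshold defaults are assumed values for illustration."""
    by_rcpt = defaultdict(list)
    for ts, agent, rcpt in events:
        by_rcpt[rcpt].append((datetime.fromisoformat(ts), agent))
    flagged = {}
    for rcpt, hits in by_rcpt.items():
        hits.sort()
        in_window = Counter()  # agent -> messages currently inside the window
        start = 0
        for when, agent in hits:
            in_window[agent] += 1
            while when - hits[start][0] > window:  # slide the window forward
                old = hits[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if len(in_window) >= min_agents:
                flagged.setdefault(rcpt, set()).update(in_window)
    return {rcpt: sorted(agents) for rcpt, agents in flagged.items()}

if __name__ == "__main__":
    print("per-agent alerts:", per_agent_alerts(EVENTS))
    print("cross-agent alerts:", cross_agent_alerts(EVENTS))
```

No single agent exceeds the volume threshold in the sample, yet the recipient-centric view surfaces the one person contacted by four separate agent identities within a day.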