DARR
MR-028 Model & system behaviour Both scope

AI-enabled fraud, scams and social engineering

The system is used to conduct or scale fraud, scams, phishing, social engineering, or market manipulation.

Risk family
Model & system behaviour
MIT domain
4. Malicious Actors & Misuse
MIT subdomain
4.3 > Fraud, scams, and targeted manipulation
AI type
GPAI, Agentic
Scope
Both
Source standard
MIT AI Risk Repository v4

Provenance

Source standard
MIT AI Risk Repository v4
Source frameworks
24 source framework citation keys
Anwar2024, Bengio2024, DSIT2023, EPIC2023, Ferrara2023, Gabriel2024, Ghosh2024, Gipiškis2024, Hammond2025, Li2025, Maham2023, NIST2024, Shevlane2023, Sun2023, TC2602024, Tse2025, Vidgen2024, Wang2025, Weidinger2021, Weidinger2022, Weidinger2023, Yampolskiy2016, Zeng2024, Zhang2023
ISO/IEC references
23894 obj A.11; src 7 | 42001 ctrl A.9.4

Framework crosswalk

Every framework item mapped to this risk. Items marked partial overlap only in part; definitions appear on hover where the source licence permits.

Sourcesframeworks that contributed to the register
ISO 238941
  • A.11 ISO/IEC 23894 Annex A A.11
ISO 420011
  • A.9.4 ISO/IEC 42001 Annex A A.9.4
MITRE ATLAS8

Expanded into this risk’s technique sub-risks.

Cross-checksframeworks mapped in to test coverage
Cisco3
  • AISubtech-15.1.12 Safety Harms and Toxicity: Scams and Deception
  • AISubtech-15.1.7 Safety Harms and Toxicity: Financial Harm partial
  • AISubtech-18.1.1 Spam / Scam / Social Engineering Generation

Sub-risks (2)

Technique-level decompositions of this risk, each anchored to the MITRE ATLAS technique it derives from.

MR-028.1

User-execution social engineering

#

Users are manipulated into actions (opening content, running code) that compromise the AI system.

MITRE ATLAS technique: AML.T0011 User Execution
MR-028.2

AI-enabled phishing for system access

#

AI-generated phishing messages are used to gain access to the deployer's systems.

MITRE ATLAS technique: AML.T0052 Phishing

Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0. Full attribution and licensing.