AI-enabled fraud, scams and social engineering
The system is used to conduct or scale fraud, scams, phishing, social engineering, or market manipulation.
- Risk family
- Model & system behaviour
- MIT domain
- 4. Malicious Actors & Misuse
- MIT subdomain
- 4.3 > Fraud, scams, and targeted manipulation
- AI type
- GPAI, Agentic
- Scope
- Both
- Source standard
- MIT AI Risk Repository v4
Provenance
24 source framework citation keys
Framework crosswalk
Every framework item mapped to this risk. Items marked partial overlap only in part; definitions appear on hover where the source licence permits.
- A.11 ISO/IEC 23894 Annex A A.11
- A.9.4 ISO/IEC 42001 Annex A A.9.4
Expanded into this risk’s technique sub-risks.
- AISubtech-15.1.12 Safety Harms and Toxicity: Scams and Deception
- AISubtech-15.1.7 Safety Harms and Toxicity: Financial Harm partial
- AISubtech-18.1.1 Spam / Scam / Social Engineering Generation
Sub-risks (2)
Technique-level decompositions of this risk, each anchored to the MITRE ATLAS technique it derives from.
Users are manipulated into actions (opening content, running code) that compromise the AI system.
AI-generated phishing messages are used to gain access to the deployer's systems.
More in Model & system behaviour
Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0. Full attribution and licensing.