AI Marketing to Bypass Spam Filters
anubi writes:
Marketing professionals are always looking for that "edge" that gets them noticed instead of automatically being kicked out by spam filters which were put in place specifically to handle exactly what they are doing.
Here is how AI is learning about individual targets in order to craft specifically worded unique business communication designed to appeal to maybe even one decision-maker in a corporate environment.
Spammers used OpenAI to generate messages that were unique to each recipient, allowing them to bypass spam-detection filters and blast unwanted messages to more than 80,000 websites in four months, researchers said Wednesday.
The finding, documented in a post published by security firm SentinelOne's SentinelLabs, underscores the double-edged sword wielded by large language models. The same thing that makes them useful for benign tasks-the breadth of data available to them and their ability to use it to generate content at scale-can often be used in malicious activities just as easily. OpenAI revoked the spammers' account in February.
The spam blast is the work of AkiraBot-a framework that automates the sending of messages in large quantities to promote shady search optimization services to small- and medium-size websites. AkiraBot used python-based scripts to rotate the domain names advertised in the messages. It also used OpenAI's chat API tied to the model gpt-4o-mini to generate unique messages customized to each site it spammed, a technique that likely helped it bypass filters that look for and block identical content sent to large numbers of sites. The messages are delivered through contact forms and live chat widgets embedded into the targeted websites.
"AkiraBot's use of LLM-generated spam message content demonstrates the emerging challenges that AI poses to defending websites against spam attacks," SentinelLabs researchers Alex Delamotte and Jim Walter wrote. "The easiest indicators to block are the rotating set of domains used to sell the Akira and ServiceWrap SEO offerings, as there is no longer a consistent approach in the spam message contents as there were with previous campaigns selling the services of these firms."
---------------------------------
Right now, I can toss email and phone threat communications from "toll-road authorities" who claim I violated their automated tolling machine. It seems all the evidence one needs to "prove" another's "guilt" is an accusation followed by publicly available "evidence" curated for this specific attack.
However, if they have to involve the United States Postal Service (USPS) , it's a felony.
https://www.criminaldefenselawyer.com/crime-penalties/federal/Federal-mail-fraud.htm
Read more of this story at SoylentNews.