"As of February 8, Davies says 2.6 million of these images have been added to Instagram with links to users' profiles, including both private and public accounts. "I am currently looking through different posts, and have identified a banker, a water treatment engineer, HR employee, a developer and a doctor in the last 5 posts I viewed," he said in a Wednesday blog."
""But given the scale of participants publicly posting this trend, we believe it is highly likely that some could be exploited in this way with the LLM account takeover. The fact that users are posting this personal work information publicly and using a prompt that said 'based on everything you know about me' it is feasible that sensitive information related to their employer could be viewable in the prompt history if takeover is successful.""
Publicly posting AI-generated caricatures that reference job roles and prompt text often reveals occupational details and signals LLM use at work. Such signals can enable attackers to target individuals for social engineering, attempt LLM account takeovers, and access prompt histories that may contain employer-sensitive information. Millions of images with profile links already exist online across private and public accounts, covering diverse professions. Models sometimes request extra context, and users may supply work-related details. Many employees use personal chatbots for work and many organizations lack visibility into which AI agents and systems access corporate apps and data.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]