logoalt Hacker News

nkrisctoday at 6:10 PM2 repliesview on HN

The AI part does seem relevant because it enabled incredibly low-effort “social” engineering.

For what it’s worth I don’t think you can call this social engineering since there was no human on the other end, even though it appears similar.

The question is, if there were actual human support agents, would they have built additional safeguards to prevent social engineering in this manner?

Replies

uxhackertoday at 7:10 PM

Why did the account recovery system need AI. Surely just an email would do? What added value would AI add?

show 1 reply
Vronditoday at 7:07 PM

There's no social engineering here, since all they have to do is copy and paste. This is a complete process design fail.