Recent advancements in Large Language Models (LLMs) have established them as agentic systems capable of planning and interacting with various tools. These LLM agents are often paired with web-based tools, enabling access to diverse sources and real-time information. Although these advancements offer significant benefits across various applications, they also increase the risk of malicious use, particularly in cyberattacks involving personal information. In this work, we investigate the risks associated with misuse of LLM agents in cyberattacks involving personal data. Specifically, we aim to understand: 1) how potent LLM agents can be when directed to conduct cyberattacks, 2) how cyberattacks are enhanced by web-based tools, and 3) how affordable and easy it becomes to launch cyberattacks using LLM agents. We examine three attack scenarios: the collection of Personally Identifiable Information (PII), the generation of impersonation posts, and the creation of spear-phishing emails. Our experiments reveal the effectiveness of LLM agents in these attacks: LLM agents achieved a precision of up to 95.9% in collecting PII, up to 93.9% of impersonation posts created by LLM agents were evaluated as authentic, and the click rate for links in spear-phishing emails created by LLM agents reached up to 46.67%. Additionally, our findings underscore the limitations of existing safeguards in contemporary commercial LLMs, emphasizing the urgent need for more robust security measures to prevent the misuse of LLM agents.