Social engineering refers to psychological manipulation techniques used to trick individuals into revealing confidential or sensitive information (e.g., phishing, impersonation, persuasion tactics). With LLMs becoming highly conversational and persuasive, they may unintentionally—or deliberately—be used as tools for such attacks.

This thesis investigates how susceptible users are to social engineering attempts mediated through LLMs. The project involves designing a controlled experimental setup, such as a malicious game or interactive scenario, where an LLM attempts to extract sensitive information from users under the guise of a benign task.

The research will explore:

• How LLM-generated interactions can mimic social engineering tactics (e.g., authority, urgency, trust-building)
• Which types of users or contexts are most vulnerable
• What kinds of information users are willing to disclose and why
• How awareness, interface design, or warnings influence susceptibility

The goal is to derive a design space.