Engineering and Technology | Open Access

Psychological Surface Vectors: Mitigating Large Language Model-Driven Social Engineering via Behavioral Anomaly Detection

Dr. Elena V. Rostova, Department of Computational Security, Moscow, Russia

Abstract

Context: The proliferation of Large Language Models (LLMs) has lowered the barrier to entry for sophisticated social engineering attacks. Adversaries can now automate the inference of psychological traits from user data to generate highly persuasive, targeted phishing content.
Problem: Traditional cybersecurity defenses, such as signature-based Intrusion Detection Systems (IDS) and standard spam filters, are increasingly ineffective against these syntactically perfect and contextually aware AI-generated attacks. They fail to detect the subtle semantic anomalies that characterize algorithmic psychological manipulation.
Method: This study investigates the efficacy of an unsupervised learning framework designed to detect behavioral anomalies in email communications. We simulated an LLM-driven attack campaign that tailors phishing narratives to the Big Five personality traits (Openness, Conscientiousness, Extraversion, Agreeableness, Neuroticism). We then evaluated a hybrid detection model combining Long Short-Term Memory (LSTM) networks for sequence analysis and Isolation Forests for anomaly scoring.
Results: The simulation demonstrated that personality-aligned LLM attacks achieved a theoretical click-through rate 40% higher than generic phishing. However, the proposed behavioral anomaly detection system identified 88.5% of these sophisticated attacks by analyzing deviations in semantic density and communication patterns, outperforming traditional keyword-based filters, which detected only 34%.
Conclusion: While LLMs significantly enhance the lethality of social engineering, analyzing the "psychological surface" of communication via unsupervised learning offers a robust countermeasure. Future defense architectures must move beyond content analysis to context and behavioral intent analysis.

Keywords

Large Language Models, Social Engineering, Behavioral Anomaly Detection, Big Five Personality Traits

How to Cite

Dr. Elena V. Rostova. (2025). Psychological Surface Vectors: Mitigating Large Language Model-Driven Social Engineering via Behavioral Anomaly Detection. The American Journal of Engineering and Technology, 7(10), 178–184. Retrieved from https://www.theamericanjournals.com/index.php/tajet/article/view/6944