{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,15]],"date-time":"2025-08-15T02:32:56Z","timestamp":1755225176072,"version":"3.43.0"},"publisher-location":"New York, NY, USA","reference-count":94,"publisher":"ACM","funder":[{"name":"Funda\u00e7\u00e3o para a Ci\u00eancia e Tecnologia (FCT)","award":["UIDB\/50021\/2020"],"award-info":[{"award-number":["UIDB\/50021\/2020"]}]},{"name":"IAPMEI","award":["C6632206063-00466847"],"award-info":[{"award-number":["C6632206063-00466847"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,8,25]]},"DOI":"10.1145\/3708821.3733866","type":"proceedings-article","created":{"date-parts":[[2025,8,13]],"date-time":"2025-08-13T06:30:56Z","timestamp":1755066656000},"page":"407-424","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Sounds Vishy: Automating Vishing Attacks with AI-Powered Systems"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-1384-5383","authenticated-orcid":false,"given":"Jo\u00e3o","family":"Figueiredo","sequence":"first","affiliation":[{"name":"INESC-ID \/ Instituto Superior T\u00e9cnico, Universidade de Lisboa, Lisboa, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-7471-484X","authenticated-orcid":false,"given":"Afonso","family":"Carvalho","sequence":"additional","affiliation":[{"name":"INESC-ID \/ Instituto Superior T\u00e9cnico, Universidade de Lisboa, Lisboa, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7564-0454","authenticated-orcid":false,"given":"Daniel","family":"Castro","sequence":"additional","affiliation":[{"name":"INESC-ID \/ Instituto Superior T\u00e9cnico, Universidade de Lisboa, Lisboa, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5121-6296","authenticated-orcid":false,"given":"Daniel","family":"Gon\u00e7alves","sequence":"additional","affiliation":[{"name":"INESC-ID \/ Instituto Superior T\u00e9cnico, Universidade de Lisboa, Lisboa, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9938-0653","authenticated-orcid":false,"given":"Nuno","family":"Santos","sequence":"additional","affiliation":[{"name":"INESC-ID \/ Instituto Superior T\u00e9cnico, Universidade de Lisboa, Lisboa, Portugal"}]}],"member":"320","published-online":{"date-parts":[[2025,8,24]]},"reference":[{"key":"e_1_3_3_1_2_2","unstructured":"[n. d.]. https:\/\/github.com\/ollama\/ollama. Accessed: 2024-02-05."},{"key":"e_1_3_3_1_3_2","unstructured":"[n. d.]. https:\/\/github.com\/neonbjb\/tortoise-tts. 2024-01-04."},{"key":"e_1_3_3_1_4_2","unstructured":"[n. d.]. https:\/\/github.com\/suno-ai\/bark. Accessed: 2024-02-05."},{"key":"e_1_3_3_1_5_2","unstructured":"[n. d.]. https:\/\/elevenlabs.io\/. accessed: 2024-01-04."},{"key":"e_1_3_3_1_6_2","unstructured":"[n. d.]. https:\/\/researcher-help.prolific.com\/hc\/en-gb\/articles\/4407697246610-Can-I-run-studies-that-deceive-participants. Accessed: 2024-02-06."},{"key":"e_1_3_3_1_7_2","unstructured":"[n. d.]. https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/attack-simulation-training-simulations?view=o365-worldwide. Accessed: 2024-02-07."},{"key":"e_1_3_3_1_8_2","unstructured":"[n. d.]. https:\/\/openai.com\/blog\/chatgpt. accessed: 2024-06-06."},{"key":"e_1_3_3_1_9_2","unstructured":"[n. d.]. https:\/\/github.com\/MatthewCYM\/VoiceBench. Accessed: 2025-02-25."},{"key":"e_1_3_3_1_10_2","unstructured":"[n. d.]. ViKing repository. https:\/\/github.com\/ai-automated-vishing\/Viking."},{"key":"e_1_3_3_1_11_2","unstructured":"2015. Ubiquiti Networks Says It Was Victim of $47 Million Cyber Scam. https:\/\/www.nbcnews.com\/tech\/security\/ubiquiti-networks-says-it-was-victim-47-million-cyber-scam-n406201. Accessed: 2025-01-15."},{"key":"e_1_3_3_1_12_2","unstructured":"2018. Pathe Loses More Than $21 Million in Internet Scam. https:\/\/variety.com\/2018\/film\/news\/pathe-loses-more-than-21-million-internet-scam-1203027025\/. Accessed: 2025-01-15."},{"key":"e_1_3_3_1_13_2","unstructured":"2019. Chinese group swindles $18.5 million from Indian arm of Italian company - Economic Times. https:\/\/www.reuters.com\/article\/us-mairetecnimont-india-fraud\/chinese-group-swindles-18-5-million-from-indian-arm-of-italian-company-economic-times-idUSKCN1P40KE\/. Accessed: 2025-01-15."},{"key":"e_1_3_3_1_14_2","unstructured":"2021. Global Tech Support Scam Research. https:\/\/blogs.microsoft.com\/wp-content\/uploads\/prod\/sites\/5\/2021\/07\/MSFT-2021-Global-Tech-Support-Scam-Research-Report.pdf. Accessed: 2025-01-15."},{"key":"e_1_3_3_1_15_2","unstructured":"2023. ChatGPT_DAN. https:\/\/github.com\/0xk1h0\/ChatGPT_DAN. Accessed: 2023-07-21."},{"key":"e_1_3_3_1_16_2","unstructured":"2024. https:\/\/cloud.google.com\/text-to-speech. 2024-02-05."},{"key":"e_1_3_3_1_17_2","unstructured":"2024. https:\/\/www.twilio.com\/. Accessed: 2024-02-05."},{"key":"e_1_3_3_1_18_2","unstructured":"2024. https:\/\/www.mturk.com\/. Accessed: 2024-02-06."},{"key":"e_1_3_3_1_19_2","unstructured":"2024. https:\/\/www.prolific.com\/. Accessed: 2024-02-05."},{"key":"e_1_3_3_1_20_2","unstructured":"2024. Cost of a Data Breach Report 2024. https:\/\/www.ibm.com\/reports\/data-breach. Accessed: 2025-01-15."},{"key":"e_1_3_3_1_21_2","unstructured":"2025. Social Engineering Statistics. https:\/\/secureframe.com\/blog\/social-engineering-statistics. Accessed: 2025-01-15."},{"key":"e_1_3_3_1_22_2","first-page":"79","volume-title":"ACM Workshop on Artificial Intelligence and Security","author":"Abdelnabi Sahar","year":"2023","unstructured":"Sahar Abdelnabi, Kai Greshake, Shailesh Mishra, Christoph Endres, Thorsten Holz, and Mario Fritz. 2023. Not What You\u2019ve Signed Up For: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection. In ACM Workshop on Artificial Intelligence and Security. 79\u201390."},{"key":"e_1_3_3_1_23_2","unstructured":"Josh Achiam Steven Adler Sandhini Agarwal Lama Ahmad Ilge Akkaya Florencia\u00a0Leoni Aleman Diogo Almeida Janko Altenschmidt Sam Altman Shyamal Anadkat et\u00a0al. 2023. Gpt-4 technical report. arXiv:https:\/\/arXiv.org\/abs\/2303.08774 (2023)."},{"key":"e_1_3_3_1_24_2","unstructured":"Keyu An Qian Chen Chong Deng Zhihao Du Changfeng Gao Zhifu Gao Yue Gu Ting He Hangrui Hu Kai Hu et\u00a0al. 2024. Funaudiollm: Voice understanding and generation foundation models for natural interaction between humans and llms. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2407.04051 (2024)."},{"key":"e_1_3_3_1_25_2","doi-asserted-by":"crossref","unstructured":"Mousumi Banerjee Michelle Capozzoli Laura McSweeney and Debajyoti Sinha. 1999. Beyond kappa: A review of interrater agreement measures. Canadian journal of statistics 27 1 (1999) 3\u201323.","DOI":"10.2307\/3315487"},{"key":"e_1_3_3_1_26_2","first-page":"2691","volume-title":"USENIX Security Symposium","author":"Blue Logan","year":"2022","unstructured":"Logan Blue, Kevin Warren, Hadi Abdullah, Cassidy Gibson, Luis Vargas, Jessica O\u2019Dell, Kevin Butler, and Patrick Traynor. 2022. Who Are You (I Really Wanna Know)? Detecting Audio DeepFakes Through Vocal Tract Reconstruction. In USENIX Security Symposium. 2691\u20132708."},{"key":"e_1_3_3_1_27_2","first-page":"2709","volume-title":"International Conference on Machine Learning","volume":"162","author":"Casanova Edresson","year":"2022","unstructured":"Edresson Casanova, Julian Weber, Christopher\u00a0D Shulby, Arnaldo\u00a0Candido Junior, Eren G\u00f6lge, and Moacir\u00a0A Ponti. 2022. YourTTS: Towards Zero-Shot Multi-Speaker TTS and Zero-Shot Voice Conversion for Everyone. In International Conference on Machine Learning , Kamalika Chaudhuri, Stefanie Jegelka, Le\u00a0Song, Csaba Szepesvari, Gang Niu, and Sivan Sabato (Eds.), Vol.\u00a0162. PMLR, 2709\u20132720."},{"key":"e_1_3_3_1_28_2","doi-asserted-by":"crossref","unstructured":"Marco Cascella Jonathan Montomoli Valentina Bellini and Elena Bignami. 2023. Evaluating the feasibility of ChatGPT in healthcare: an analysis of multiple clinical and research scenarios. Journal of Medical Systems 47 1 (2023) 33.","DOI":"10.1007\/s10916-023-01925-4"},{"key":"e_1_3_3_1_29_2","doi-asserted-by":"publisher","DOI":"10.1145\/3613904.3641943"},{"key":"e_1_3_3_1_30_2","unstructured":"Yiming Chen Xianghu Yue Chen Zhang Xiaoxue Gao Robby\u00a0T. Tan and Haizhou Li. 2024. VoiceBench: Benchmarking LLM-Based Voice Assistants. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2410.17196 (2024)."},{"key":"e_1_3_3_1_31_2","unstructured":"Wei-Lin Chiang Zhuohan Li Zi Lin Ying Sheng Zhanghao Wu Hao Zhang Lianmin Zheng Siyuan Zhuang Yonghao Zhuang Joseph\u00a0E Gonzalez et\u00a0al. 2023. Vicuna: An open-source chatbot impressing gpt-4 with 90%* chatgpt quality. See https:\/\/vicuna. lmsys. org (accessed 14 April 2023) (2023)."},{"key":"e_1_3_3_1_32_2","unstructured":"Joseph Cox. 2023. Vice. https:\/\/www.vice.com\/en\/article\/dy7axa\/how-i-broke-into-a-bank-account-with-an-ai-generated-voice. accessed: 2024-06-06."},{"key":"e_1_3_3_1_33_2","doi-asserted-by":"crossref","unstructured":"Yang Deng Lizi Liao Liang Chen Hongru Wang Wenqiang Lei and Tat-Seng Chua. 2023. Prompting and evaluating large language models for proactive dialogues: Clarification target-guided and non-collaboration. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2305.13626 (2023).","DOI":"10.18653\/v1\/2023.findings-emnlp.711"},{"key":"e_1_3_3_1_34_2","series-title":"(CHI\u201923)","first-page":"1","volume-title":"CHI Conference on Human Factors in Computing Systems","author":"Distler Verena","year":"2023","unstructured":"Verena Distler. 2023. The influence of context on response to spear-phishing attacks: An in-situ deception study. In CHI Conference on Human Factors in Computing Systems(CHI\u201923). 1\u201318."},{"key":"e_1_3_3_1_35_2","doi-asserted-by":"crossref","unstructured":"Christof Ebert and Panos Louridas. 2023. Generative AI for software practitioners. IEEE Software 40 4 (2023) 30\u201338.","DOI":"10.1109\/MS.2023.3265877"},{"key":"e_1_3_3_1_36_2","doi-asserted-by":"publisher","DOI":"10.5281\/zenodo.6334862"},{"key":"e_1_3_3_1_37_2","unstructured":"Europol. 2022. https:\/\/www.europol.europa.eu\/media-press\/newsroom\/news\/europol-and-eurojust-support-czech-and-ukrainian-police-in-taking-down-multi-million-euro-voice-phishing-gang. accessed: 2024-06-06."},{"key":"e_1_3_3_1_38_2","doi-asserted-by":"crossref","unstructured":"Ahlam Fakieh and Aymen Akremi. 2022. An Effective Blockchain-Based Defense Model for Organizations against Vishing Attacks. Applied Sciences 12 24 (Dec. 2022) 13020.","DOI":"10.3390\/app122413020"},{"key":"e_1_3_3_1_39_2","doi-asserted-by":"crossref","unstructured":"I. Ghafir J. Saleem M. Hammoudeh H. Faour V. Prenosil S. Jaf S. Jabbar and T. Baker. 2018. Security threats to critical infrastructure: the human factor. The Journal of Supercomputing 74 (2018) 4986\u20135002.","DOI":"10.1007\/s11227-018-2337-2"},{"key":"e_1_3_3_1_40_2","unstructured":"Google Speech-to-Text. 2024. https:\/\/cloud.google.com\/speech-to-text. 2024-02-05."},{"key":"e_1_3_3_1_41_2","volume-title":"Workshop on Usable Security and Privacy (USEC)","author":"Gopavaram Shakthidhar","year":"2021","unstructured":"Shakthidhar Gopavaram, Jayati Dev, Marthie Grobler, DongInn Kim, Sanchari Das, and L\u00a0Jean Camp. 2021. Cross-national study on phishing resilience. In Workshop on Usable Security and Privacy (USEC)."},{"key":"e_1_3_3_1_42_2","doi-asserted-by":"publisher","DOI":"10.1145\/2994459.2994471"},{"key":"e_1_3_3_1_43_2","doi-asserted-by":"publisher","DOI":"10.1145\/3544549.3585823"},{"key":"e_1_3_3_1_44_2","unstructured":"Julian Hazell. 2023. Large language models can be used to effectively scale spear phishing campaigns. arXiv:https:\/\/arXiv.org\/abs\/2305.06972 (2023)."},{"key":"e_1_3_3_1_45_2","unstructured":"Fredrik Heiding Bruce Schneier Arun Vishwanath and Jeremy Bernstein. 2023. Devising and detecting phishing: Large language models vs. smaller human models. arXiv:https:\/\/arXiv.org\/abs\/2308.12287 (2023)."},{"key":"e_1_3_3_1_46_2","unstructured":"Zhiqiang Hu Yihuai Lan Lei Wang Wanyu Xu Ee-Peng Lim Roy Ka-Wei Lee Lidong Bing and Soujanya Poria. 2023. LLM-Adapters: An Adapter Family for Parameter-Efficient Fine-Tuning of Large Language Models. arXiv:https:\/\/arXiv.org\/abs\/2304.01933 (2023)."},{"key":"e_1_3_3_1_47_2","unstructured":"Interpol. 2022. https:\/\/www.interpol.int\/en\/News-and-Events\/News\/2022\/Cyber-enabled-financial-crime-USD-130-million-intercepted-in-global-INTERPOL-police-operation. accessed: 2024-06-06."},{"key":"e_1_3_3_1_48_2","doi-asserted-by":"crossref","unstructured":"Suhaima Jamal and Hayden Wimmer. 2023. An improved transformer-based model for detecting phishing spam and ham: A large language model approach. arXiv:https:\/\/arXiv.org\/abs\/2311.04913 (2023).","DOI":"10.21203\/rs.3.rs-3608294\/v1"},{"key":"e_1_3_3_1_49_2","doi-asserted-by":"crossref","unstructured":"Bernard\u00a0J Jansen Soon-gyo Jung and Joni Salminen. 2023. Employing large language models in survey research. Natural Language Processing Journal 4 (2023) 100020.","DOI":"10.1016\/j.nlp.2023.100020"},{"key":"e_1_3_3_1_50_2","unstructured":"C. Jemine. 2019. Real-time voice cloning. https:\/\/github.com\/CorentinJ\/Real-Time-Voice-Cloning. University of Li\u00e9ge Li\u00e9ge Belgium. accessed: 2024-01-04."},{"key":"e_1_3_3_1_51_2","doi-asserted-by":"crossref","unstructured":"Keith\u00a0S Jones Miriam\u00a0E Armstrong McKenna\u00a0K Tornblad and Akbar Siami\u00a0Namin. 2021. How social engineers use persuasion principles during vishing attacks. Information & Computer Security 29 2 (2021) 314\u2013331.","DOI":"10.1108\/ICS-07-2020-0113"},{"key":"e_1_3_3_1_52_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179374"},{"key":"e_1_3_3_1_53_2","unstructured":"Weirui Kuang Bingchen Qian Zitao Li Daoyuan Chen Dawei Gao Xuchen Pan Yuexiang Xie Yaliang Li Bolin Ding and Jingren Zhou. 2023. Federatedscope-llm: A comprehensive package for fine-tuning large language models in federated learning. arXiv:https:\/\/arXiv.org\/abs\/2309.00363 (2023)."},{"key":"e_1_3_3_1_54_2","doi-asserted-by":"crossref","unstructured":"Daniele Lain Kari Kostiainen and Srdjan Capkun. 2021. Phishing in Organizations: Findings from a Large-Scale and Long-Term Study. 2022 IEEE Symposium on Security and Privacy (SP) (2021) 842\u2013859. https:\/\/api.semanticscholar.org\/CorpusID:245131301","DOI":"10.1109\/SP46214.2022.9833766"},{"key":"e_1_3_3_1_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/eCrime54498.2021.9738792"},{"key":"e_1_3_3_1_56_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00034"},{"key":"e_1_3_3_1_57_2","first-page":"3793","volume-title":"USENIX Security","author":"Lin Yun","year":"2021","unstructured":"Yun Lin, Ruofan Liu, Dinil\u00a0Mon Divakaran, Jun\u00a0Yang Ng, Qing\u00a0Zhou Chan, Yiwen Lu, Yuxuan Si, Fan Zhang, and Jin\u00a0Song Dong. 2021. Phishpedia: A hybrid deep learning based approach to visually identify phishing webpages. In USENIX Security. 3793\u20133810."},{"key":"e_1_3_3_1_58_2","doi-asserted-by":"publisher","DOI":"10.1145\/3481357.3481515"},{"key":"e_1_3_3_1_59_2","volume-title":"CHI Conference on Human Factors in Computing Systems","author":"McDonald Allison","year":"2021","unstructured":"Allison McDonald, Carlo Sugatan, Tamy Guberek, and Florian Schaub. 2021. The Annoying, the Disturbing, and the Weird:Challenges with Phone Numbers as Identifiers and Phone Number Recycling. In CHI Conference on Human Factors in Computing Systems. Article 559, 14\u00a0pages."},{"key":"e_1_3_3_1_60_2","doi-asserted-by":"crossref","unstructured":"Sandhya Mishra and Devpriya Soni. 2020. Smishing Detector: A security model to detect smishing through SMS content analysis and URL behavior analysis. Future Generation Computer Systems 108 (2020) 803\u2013815.","DOI":"10.1016\/j.future.2020.03.021"},{"key":"e_1_3_3_1_61_2","doi-asserted-by":"crossref","unstructured":"Sandhya Mishra and Devpriya Soni. 2023. Dsmishsms-A system to detect smishing SMS. Neural Computing and Applications 35 7 (2023) 4975\u20134992.","DOI":"10.1007\/s00521-021-06305-y"},{"key":"e_1_3_3_1_62_2","doi-asserted-by":"publisher","DOI":"10.1109\/CW.2015.52"},{"key":"e_1_3_3_1_63_2","doi-asserted-by":"crossref","unstructured":"Francois Mouton Louise Leenen and Hein\u00a0S Venter. 2016. Social engineering attack examples templates and scenarios. Computers & Security 59 (2016) 186\u2013209.","DOI":"10.1016\/j.cose.2016.03.004"},{"key":"e_1_3_3_1_64_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-19-0604-6_47"},{"key":"e_1_3_3_1_65_2","doi-asserted-by":"crossref","unstructured":"G. Ollmann. 2004. The phishing guide. NGS Software Insight Security Research (2004).","DOI":"10.1016\/S1353-4858(04)00050-9"},{"key":"e_1_3_3_1_66_2","unstructured":"Oregon State University Human Research Protection Program and IRB. [n. d.]. https:\/\/research.oregonstate.edu\/irb\/research-involving-deception. Accessed: 2024-02-07."},{"key":"e_1_3_3_1_67_2","doi-asserted-by":"publisher","DOI":"10.1145\/3586183.3606763"},{"key":"e_1_3_3_1_68_2","unstructured":"Rodrigo Pedro Daniel Castro Paulo Carreira and Nuno Santos. 2023. From Prompt Injections to SQL Injection Attacks: How Protected is Your LLM-Integrated Web Application? arXiv:https:\/\/arXiv.org\/abs\/2308.01990 (2023). arxiv:https:\/\/arXiv.org\/abs\/2308.01990\u00a0[cs.CR]"},{"key":"e_1_3_3_1_69_2","first-page":"1","volume-title":"CHI conference on human factors in computing systems","author":"Petelka Justin","year":"2019","unstructured":"Justin Petelka, Yixin Zou, and Florian Schaub. 2019. Put your warning where your link is: Improving and evaluating email phishing warnings. In CHI conference on human factors in computing systems. 1\u201315."},{"key":"e_1_3_3_1_70_2","volume-title":"IEEE 2011 workshop on automatic speech recognition and understanding","author":"Povey D.","year":"2011","unstructured":"D. Povey, A. Ghoshal, G. Boulianne, L. Burget, O. Glembek, N. Goel, M. Hannemann, P. Motlicek, Y. Qian, P. Schwarz, et\u00a0al. 2011. The Kaldi speech recognition toolkit. In IEEE 2011 workshop on automatic speech recognition and understanding. IEEE Signal Processing Society."},{"key":"e_1_3_3_1_71_2","first-page":"397","volume-title":"USENIX Security Symposium","author":"Prasad Sathvik","year":"2020","unstructured":"Sathvik Prasad, Elijah Bouma-Sims, Athishay\u00a0Kiran Mylappan, and Bradley Reaves. 2020. Who\u2019s calling? characterizing robocalls through audio and metadata analysis. In USENIX Security Symposium. 397\u2013414."},{"key":"e_1_3_3_1_72_2","unstructured":"Kaizhi Qian Yang Zhang Shiyu Chang Xuesong Yang and Mark Hasegawa-Johnson. 2019. AutoVC: Zero-Shot Voice Style Transfer with Only Autoencoder Loss(Machine Learning Research Vol.\u00a097). PMLR Long Beach California USA 5210\u20135219."},{"key":"e_1_3_3_1_73_2","first-page":"28492","volume-title":"International Conference on Machine Learning","author":"Radford Alec","year":"2023","unstructured":"Alec Radford, Jong\u00a0Wook Kim, Tao Xu, Greg Brockman, Christine McLeavey, and Ilya Sutskever. 2023. Robust speech recognition via large-scale weak supervision. In International Conference on Machine Learning. PMLR, 28492\u201328518."},{"key":"e_1_3_3_1_74_2","unstructured":"Paul\u00a0K Rubenstein Chulayuth Asawaroengchai Duc\u00a0Dung Nguyen Ankur Bapna Zal\u00e1n Borsos F\u00e9lix de\u00a0Chaumont Quitry Peter Chen Dalia\u00a0El Badawy Wei Han Eugene Kharitonov et\u00a0al. 2023. Audiopalm: A large language model that can speak and listen. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2306.12925 (2023)."},{"key":"e_1_3_3_1_75_2","unstructured":"Mark Russinovich. 2023. BlueHat 2023: Mark Russinovich Keynote. Microsoft Security Response Center (MSRC) Tel Aviv Israel."},{"key":"e_1_3_3_1_76_2","series-title":"(SOUPS\u201917)","first-page":"319","volume-title":"USENIX Symposium on Usable Privacy and Security","author":"Sahin Merve","year":"2017","unstructured":"Merve Sahin, Marc Relieu, and Aur\u00e9lien Francillon. 2017. Using chatbots against voice spam: Analyzing Lenny\u2019s effectiveness. In USENIX Symposium on Usable Privacy and Security(SOUPS\u201917). 319\u2013337."},{"key":"e_1_3_3_1_77_2","unstructured":"Erfan Shayegani Md\u00a0Abdullah\u00a0Al Mamun Yu Fu Pedram Zaree Yue Dong and Nael Abu-Ghazaleh. 2023. Survey of Vulnerabilities in Large Language Models Revealed by Adversarial Attacks. arxiv:https:\/\/arXiv.org\/abs\/2310.10844\u00a0[cs.CL]"},{"key":"e_1_3_3_1_78_2","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753383"},{"key":"e_1_3_3_1_79_2","unstructured":"Catherine Stupp. 2023. Fraudsters Used AI to Mimic CEO\u2019s Voice in Unusual Cybercrime Case. WSJ. https:\/\/www.wsj.com\/articles\/fraudsters-use-ai-to-mimic-ceos-voice-in-unusual-cybercrime-case-11567157402."},{"key":"e_1_3_3_1_80_2","doi-asserted-by":"publisher","DOI":"10.1145\/3678890.3678926"},{"key":"e_1_3_3_1_81_2","doi-asserted-by":"crossref","unstructured":"Wenni Syafitri Zarina Shukur Umi Asma\u2019Mokhtar Rossilawati Sulaiman and Muhammad\u00a0Azwan Ibrahim. 2022. Social engineering attacks prevention: A systematic literature review. IEEE Access 10 (2022) 39325\u201339343.","DOI":"10.1109\/ACCESS.2022.3162594"},{"key":"e_1_3_3_1_82_2","unstructured":"Microsoft\u00a0Speech to Text. 2024. https:\/\/azure.microsoft.com\/en-us\/products\/ai-services\/speech-to-text\/. Accessed: 2024-02-05."},{"key":"e_1_3_3_1_83_2","unstructured":"Hugo Touvron Thibaut Lavril Gautier Izacard Xavier Martinet Marie-Anne Lachaux Timoth\u00e9e Lacroix Baptiste Rozi\u00e8re Naman Goyal Eric Hambro Faisal Azhar et\u00a0al. 2023. Llama: Open and efficient foundation language models. arXiv:https:\/\/arXiv.org\/abs\/2302.13971 (2023)."},{"key":"e_1_3_3_1_84_2","first-page":"1327","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Tu Huahong","year":"2019","unstructured":"Huahong Tu, Adam Doup\u00e9, Ziming Zhao, and Gail-Joon Ahn. 2019. Users Really Do Answer Telephone Scams. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 1327\u20131340. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/tu"},{"key":"e_1_3_3_1_85_2","first-page":"3811","volume-title":"USENIX Security Symposium","author":"Ulqinaku Enis","year":"2021","unstructured":"Enis Ulqinaku, Hala Assal, AbdelRahman Abdou, Sonia Chiasson, and Srdjan Capkun. 2021. Is Real-time Phishing Eliminated with FIDO? Social Engineering Downgrade Attacks against FIDO Protocols. In USENIX Security Symposium. 3811\u20133828."},{"key":"e_1_3_3_1_86_2","unstructured":"James Vincent. 2023. Vice. https:\/\/www.theverge.com\/2023\/1\/31\/23579289\/ai-voice-clone-deepfake-abuse-4chan-elevenlabs. accessed: 2024-06-06."},{"key":"e_1_3_3_1_87_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP.2018.8462665"},{"key":"e_1_3_3_1_88_2","unstructured":"Jason Wei Xuezhi Wang Dale Schuurmans Maarten Bosma Fei Xia Ed Chi Quoc\u00a0V Le Denny Zhou et\u00a0al. 2022. Chain-of-thought prompting elicits reasoning in large language models. Advances in neural information processing systems 35 (2022) 24824\u201324837."},{"key":"e_1_3_3_1_89_2","series-title":"(CHI\u201919)","first-page":"1","volume-title":"CHI Conference on Human Factors in Computing Systems","author":"Wen Z.\u00a0A.","year":"2019","unstructured":"Z.\u00a0A. Wen, Z. Lin, R. Chen, and E. Andersen. 2019. What.hack: engaging anti-phishing training through a role-playing phishing simulation game. In CHI Conference on Human Factors in Computing Systems(CHI\u201919). 1\u201312."},{"key":"e_1_3_3_1_90_2","unstructured":"Skyler Wu Eric\u00a0Meng Shen Charumathi Badrinath Jiaqi Ma and Himabindu Lakkaraju. 2023. Analyzing chain-of-thought prompting in large language models via gradient-based feature attributions. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2307.13339 (2023)."},{"key":"e_1_3_3_1_91_2","unstructured":"Ezer\u00a0Osei Yeboah-Boateng and Priscilla\u00a0Mateko Amanor. 2014. Phishing SMiShing & Vishing: an assessment of threats against mobile devices. Journal of Emerging Trends in Computing and Information Sciences 5 4 (2014) 297\u2013307."},{"key":"e_1_3_3_1_92_2","series-title":"(CCS\u201923)","first-page":"460","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Yu Zhiyuan","year":"2023","unstructured":"Zhiyuan Yu, Shixuan Zhai, and Ning Zhang. 2023. AntiFake:Using Adversarial Audio to Prevent Unauthorized Speech Synthesis. In ACM SIGSAC Conference on Computer and Communications Security (Copenhagen, Denmark) (CCS\u201923). New York, NY, USA, 460\u2013474."},{"key":"e_1_3_3_1_93_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICPR.2018.8546262"},{"key":"e_1_3_3_1_94_2","unstructured":"Anna Zhadan. 2023. Cybernews. https:\/\/cybernews.com\/news\/ai-voice-clone-misuse\/. accessed: 2024-06-06."},{"key":"e_1_3_3_1_95_2","series-title":"(SOUPS\u201922)","volume-title":"USENIX Symposium on Usable Privacy and Security","author":"Zheng Sarah\u00a0Y.","year":"2022","unstructured":"Sarah\u00a0Y. Zheng and Ingolf Becker. 2022. Presenting suspicious details in user-facing e-mail headers does not improve phishing detection. In USENIX Symposium on Usable Privacy and Security (Boston, MA, USA) (SOUPS\u201922). USA, Article 14, 19\u00a0pages."}],"event":{"name":"ASIA CCS '25: 20th ACM Asia Conference on Computer and Communications Security","location":"Hanoi Vietnam","acronym":"ASIA CCS '25","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 20th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3708821.3733866","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,13]],"date-time":"2025-08-13T07:31:21Z","timestamp":1755070281000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3708821.3733866"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,24]]},"references-count":94,"alternative-id":["10.1145\/3708821.3733866","10.1145\/3708821"],"URL":"https:\/\/doi.org\/10.1145\/3708821.3733866","relation":{},"subject":[],"published":{"date-parts":[[2025,8,24]]},"assertion":[{"value":"2025-08-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}