VYPR
Research · Published May 19, 2026 · 1 source

Public Instagram Posts Fuel AI-Generated Phishing Campaigns, Researchers Warn

A new study from the University of Texas at Arlington and Louisiana State University shows that attackers can generate convincing, personalized phishing emails using just a handful of public Instagram posts and generative AI.

A handful of public Instagram posts can give attackers enough material to generate convincing phishing emails with generative AI, according to new research from the University of Texas at Arlington and Louisiana State University. The study demonstrates how publicly available social media activity can be systematically harvested and fed into large language models to craft messages that appear personal and credible to human recipients. This marks a significant evolution in phishing tactics, as attackers no longer need stolen databases or extensive reconnaissance to launch targeted campaigns.

The attack pipeline works by first scraping public Instagram profiles for personal details such as location, hobbies, recent activities, and social connections. These data points are then used as prompts for generative AI models, which produce emails that reference specific events or interests—like a recent vacation photo or a shared friend—making the message seem legitimate. The researchers showed that even a small set of posts, as few as five to ten, can yield highly tailored phishing lures that bypass traditional spam filters and trick recipients into clicking malicious links or divulging credentials.

The implications for cybersecurity are profound. Traditional phishing relied on broad, generic messages or required attackers to compromise databases of personal information. Now, with generative AI, the barrier to creating personalized attacks has dropped dramatically. The study highlights that the attack is scalable: an attacker could automate the scraping of thousands of public profiles and generate unique emails for each target in seconds. This reduces the need for human effort while increasing the likelihood of success, as recipients are more likely to trust a message that references their own life.

From a technical standpoint, the research underscores the dual-use nature of generative AI. While tools like ChatGPT and Claude have legitimate applications in content creation and customer service, they can be repurposed for malicious ends with minimal modification. The study did not name specific AI models but noted that any publicly available LLM with sufficient language generation capability could be used. The key vulnerability is not in the AI itself but in the abundance of publicly shared personal data on social media platforms.

The researchers recommend that users limit the amount of personal information they share publicly on platforms like Instagram, especially details that could be used to impersonate a trusted contact or organization. They also call on social media companies to implement stronger privacy defaults and on email providers to improve detection of AI-generated phishing content. For enterprises, the study suggests that security awareness training should now include examples of AI-crafted messages that reference real-world events from employees' public profiles.

This research adds to a growing body of evidence that generative AI is reshaping the threat landscape. Earlier this year, reports showed attackers using AI to write more convincing business email compromise (BEC) messages and to generate deepfake audio for vishing attacks. The ability to combine public social media data with AI-generated text represents a convergence of two trends: the oversharing of personal information online and the increasing accessibility of powerful language models.

While the study focused on Instagram, the technique could easily be applied to other platforms like Facebook, LinkedIn, or TikTok, where users often share location check-ins, job updates, and personal milestones. The researchers warned that as AI models become more sophisticated, the line between legitimate and malicious communication will continue to blur, making it harder for individuals and automated filters to distinguish real messages from fakes.

In response to the findings, cybersecurity experts urge users to review their social media privacy settings and consider whether posts that seem innocuous—like a photo of a coffee shop or a comment about a weekend trip—could be used against them. For now, the best defense remains skepticism: even if an email appears to know personal details, recipients should verify the sender through a separate channel before clicking any links or providing sensitive information.
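One way to turn that advice into a mail-triage check, as an added example that is not from the study or from Vypr: it flags a message when an unfamiliar sender combines a link with details that also appear in the recipient's own public captions. The function names, stopword list, overlap threshold, addresses, captions and emails are all constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed stopword list: common words ignored when comparing text.
STOPWORDS = {"this", "that", "with", "from", "your", "have", "here", "photos"}
URL_RE = re.compile(r"https?://\S+", re.I)

def distinctive_terms(text):
    """Lowercased words of four or more letters that are not stopwords."""
    return {w for w in re.findall(r"[a-z]{4,}", text.lower()) if w not in STOPWORDS}

def needs_out_of_band_check(raw_email, public_captions, known_senders, min_overlap=2):
    """Return (flag, shared_terms) for an unencoded plain-text message.

    flag is True when the sender address is not in known_senders, the message
    carries a link, and at least min_overlap distinctive terms also appear in
    the recipient's own public captions.
    """
    msg = message_from_string(raw_email)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    body = " ".join(p.get_payload() for p in msg.walk()
                    if p.get_content_type() == "text/plain")
    text = msg.get("Subject", "") + " " + body
    public = set().union(*(distinctive_terms(c) for c in public_captions))
    shared = distinctive_terms(URL_RE.sub(" ", text)) & public
    flag = (sender not in known_senders and bool(URL_RE.search(text))
            and len(shared) >= min_overlap)
    return flag, sorted(shared)

# Constructed sample data: the recipient's public captions and inbound mail.
CAPTIONS = ["Sunrise hike at Enchanted Rock with Priya",
            "New espresso machine at Bluebird Cafe downtown"]
KNOWN = {"priya@example.com"}  # addresses the recipient already corresponds with
LURE = ('From: "Priya" <priya.photos@example.net>\n'
        "Subject: Photos from Enchanted Rock\n\n"
        "Hi! I uploaded the pictures from our hike at Enchanted Rock.\n"
        "View the album: https://albums.example.net/login\n")
FROM_FRIEND = LURE.replace("priya.photos@example.net", "priya@example.com")
NEWSLETTER = ("From: news@example.org\nSubject: Weekly deals\n\n"
              "Save today: https://shop.example.org/sale\n")

if __name__ == "__main__":
    for name, raw in [("lure", LURE), ("friend", FROM_FRIEND), ("newsletter", NEWSLETTER)]:
        print(name, needs_out_of_band_check(raw, CAPTIONS, KNOWN))
```

A flag here does not prove the message is malicious; it marks the case where familiarity with personal details should not by itself earn trust, so the sender gets confirmed through a separate channel.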

Synthesized by Vypr AI