Speaking with a bot

Published on den 16 October 2012

I just had a conversation with a bot (or a hacker) that had access to a friends messenger account. It nearly fooled me. Here is the conversation

Because this friend is swedish I was a knew it was fairly sure it was bot or the friend was sending the message to the wrong person when he started the conversation in english. Because it could be that he sent it to the wrong person I wanted to check if that was the case.

There is a screenshot of the conversation below with the swedish parts translated. I was 100% sure it was a scam after i recived then 2nd message but I decided to test how smart it was. Its 3rd answer is pretty clever, I doubt it actually understand what it replies to but I guess they have analysed enough conversation to see that most often my second response will question them or try to close the conversation. 

It's fourth response is quite interesting because here it actually speaks swedish with me. I guess it analysed my response to be in swedish. Had it actually used that information in message #3 and said "Are you sure?" in swedish instead I would have been much more likely to fall for it.

Message #2 and message #5 is where it breaks down. In #2 it tells me way too much. How often do you have conversations like that? And #5 really ruins the whole thing by saying something that is very likely to be false. Most of my messenger friends is people I've actually met.

We swedish people have an extra line of defense because if a fellow swede start writing me in english I will get suspicious right from the start. 

  

Summary

I was tiped of right at the start by the language but still a single good answer (#3) made me doubt that. I consider myself as an 'aware' person when it comes to the threat of hackers but had I been english speaking and the bot avoided some of the most obvious warnings I could have been fooled. I'm not suprised that people who doesn't think as much about security are fooled. With more computing power and more clever AI it will be even harder to protect against in the future. Luckily the best defense is free and will benefit your social life. Just ask about something you share with this person that no bots would ever know(not in many years atleast). Here I could for example have asked how this guy likes his new apartment or when he will visit us the next time. That would have revealed the bot directly.   

Then feel free to it or if you have any comments or questions mention @MikaelEliasson on Twitter.

CTO and co-founder at Bokio with a background as an elite athlete. Still doing a lot of sports but more for fun.

#development, #web, #orienteering, #running, #cycling, #boardgames, #personaldevelopment