Infringement
Account Sharing
Data Loss
Delegated Execution via Artificial Intelligence Agents
Denial of Service
Disruption of Business Operations
Excessive Personal Use
Exfiltration via Email
Exfiltration via Media Capture
Exfiltration via Messaging Applications
Exfiltration via Other Network Medium
Exfiltration via Physical Medium
- Exfiltration via Bring Your Own Device (BYOD)
- Exfiltration via Disk Media
- Exfiltration via Floppy Disk
- Exfiltration via New Internal Drive
- Exfiltration via Physical Access to System Drive
- Exfiltration via Physical Documents
- Exfiltration via Target Disk Mode
- Exfiltration via USB Mass Storage Device
- Exfiltration via USB to Mobile Device
- Exfiltration via USB to USB Data Transfer
Exfiltration via Screen Sharing
Exfiltration via Web Service
Harassment and Discrimination
Inappropriate Web Browsing
Installing Malicious Software
Installing Unapproved Software
Misappropriation of Funds
Non-Corporate Device
Providing Access to a Unauthorized Third Party
Public Statements Resulting in Brand Damage
Regulatory Non-Compliance
Sharing on AI Chatbot Platforms
Theft
Unauthorized Changes to IT Systems
Unauthorized Printing of Documents
Unauthorized VPN Client
Unlawfully Accessing Copyrighted Material
- ID: IF028.003
- Created: 03rd March 2026
- Updated: 03rd March 2026
- Contributor: The ITM Team
AI Agent Impersonation Execution
A subject commits an infringement by delegating impersonation activity to an artificial intelligence (AI) agent that autonomously or semi-autonomously executes deceptive communications within or outside the organization.
This behavior occurs when a subject configures or tasks an AI agent to replicate the identity, tone, authority, or communication style of another individual (such as an executive, HR representative, legal counsel, or trusted colleague) and the agent executes impersonation actions that result in material harm.
The AI agent may be directed to:
- Learn or replicate a specific identity based on internal communications.
- Generate context-aware communications dynamically.
- Automatically send or respond to messages.
- Adapt content based on recipient replies.
- Sustain multi-step interactions without direct manual drafting by the subject.
Unlike manual impersonation, this behavior involves delegated execution. The AI agent operates as the impersonation engine, producing and transmitting deceptive content at scale or with persistence beyond what the subject could realistically maintain manually.
Examples include:
- An AI agent generating and dispatching executive-style requests for financial transfers.
- Automated conversations designed to solicit credentials or sensitive documents.
- AI-driven responses to follow-up questions that maintain the credibility of a fabricated identity.
- Persistent impersonation campaigns targeting internal departments or external partners.
The infringement is established when the AI agent executes deceptive communications that result in fraud, credential compromise, unauthorized disclosure, reputational harm, or operational disruption.
The defining characteristic is the autonomous execution of impersonation through an AI agent acting under the subject’s direction.
The subject remains fully accountable for the deception and resulting harm. The AI agent amplifies realism, adaptability, and scale, significantly increasing the effectiveness and persistence of impersonation-based misconduct.