Cybersecurity firm Kaspersky has warned that a viral social-media trend in which users ask artificial intelligence (AI) tools to generate personalized caricatures may be exposing Filipinos to targeted scams and identity-based attacks.
The trend, widely shared on platforms such as Instagram, TikTok, and LinkedIn, involves users uploading personal photos and prompting AI systems to create illustrations based on their life, profession, and other details “the AI knows” about them.
The resulting images — often depicting individuals in their workplace, with family members, or in job-related scenarios — have become popular as shareable content.
However, cybersecurity specialists say the process goes far beyond applying a simple visual filter.
According to Kaspersky, generating highly personalized images often requires users to provide — knowingly or not — a wide range of personal data tied to their online profiles.
This may include employer names, job titles, locations, routines, hobbies, family references, and even corporate branding visible in uploaded photos.
Security analysts warn that combining these elements allows the creation of detailed digital profiles that can be exploited by cybercriminals.
With enough contextual information, attackers can craft convincing phishing or fraud messages referencing a victim’s workplace, role, or relatives, making scams appear more legitimate and increasing the likelihood of financial loss or disclosure of sensitive information.
“The biggest risk is not the illustration itself, but everything people reveal to obtain it,” said Leandro Cuozzo, security analyst at Kaspersky’s Global Research and Analysis Team for Latin America.
“When someone shares details about their work, their family, or their routine, they are unknowingly providing information that can be used for highly targeted fraud or identity impersonation.”
Kaspersky noted that such risks are amplified by users’ tendency to overlook privacy safeguards. Citing its Digital Language study, the company said a significant portion of users in Latin America admit they do not review app permission requests before installation, either because the disclosures are lengthy or simply ignored.
The company also emphasized that interactions with AI platforms may involve more than just uploading a photo. Depending on the service’s privacy policy, systems may retain original images, user prompts, usage history, and technical metadata such as IP addresses, devices, and behavioral patterns.
Some of this information may be stored to operate services, improve performance, or train AI models, meaning user data could persist longer than expected.
Kaspersky warned that the cumulative exposure of such information can open the door to social-engineering attacks, identity theft, and highly personalized fraud campaigns — threats that are increasingly targeting mobile-first populations.
The firm advised users to limit the amount of personal information shared with AI tools, review app permissions carefully, and avoid prompts that request broad access to personal or professional data.
