"Are You Sure?": An Empirical Study of Human Perception Vulnerability in LLM-Driven Agentic Systems

TL;DR

This study empirically investigates how susceptible humans are to deception by compromised LLM-driven agents across various domains, revealing significant vulnerabilities and suggesting effective warning strategies to enhance user protection.

Contribution

First large-scale empirical analysis of human vulnerability to agent-mediated deception in high-stakes settings, introducing the HAT-Lab platform and identifying key cognitive failure modes.

Findings

Only 8.6% of participants perceive AMD attacks

Domain experts show increased susceptibility in certain scenarios

Over 90% of users who perceive risks become more cautious

Abstract

Large language model (LLM) agents are rapidly becoming trusted copilots in high-stakes domains like software development and healthcare. However, this deepening trust introduces a novel attack surface: Agent-Mediated Deception (AMD), where compromised agents are weaponized against their human users. While extensive research focuses on agent-centric threats, human susceptibility to deception by a compromised agent remains unexplored. We present the first large-scale empirical study with 303 participants to measure human susceptibility to AMD. This is based on HAT-Lab (Human-Agent Trust Laboratory), a high-fidelity research platform we develop, featuring nine carefully crafted scenarios spanning everyday and professional domains (e.g., healthcare, software development, human resources). Our 10 key findings reveal significant vulnerabilities and provide future defense perspectives. Specifically, only 8.6% of participants perceive AMD attacks, while domain experts show increased susceptibility in certain scenarios. We identify six cognitive failure modes in users and find that their risk awareness often fails to translate to protective behavior. The defense analysis reveals that effective warnings should interrupt workflows with low verification costs. With experiential learning based on HAT-Lab, over 90% of users who perceive risks report increased caution against AMD. This work provides empirical evidence and a platform for human-centric agent security research.