Guidelines for Establishing an Automated SMS Evaluation Service with AI in Tines
AI can be utilized in diverse workflow automation scenarios, and setting up an AI-driven automated SMS analysis service stands out as a practical approach to save time and augment the security stance of your organization.
Within the realm of automation platforms, Tines exemplifies how this integration can be accomplished. The company recently unveiled their initial inborn AI capabilities. Security teams have promptly begun showcasing the AI-amplified workflows they’ve constructed leveraging the tool.
Tines’ repository of ready-made workflows comprises AI-enhanced ones tailored for standardizing alerts, generating cases, and pinpointing phony emails necessitating further attention.
Let’s delve into their SMS analysis workflow, which, like all their pre-built processes, is freely accessible for import and use with a complimentary Community Edition registration.
Here, we will present an outline of the workflow and a methodical walkthrough to set it up and activate it.
The issue – Fraudulent SMS messages directed at staff members
Staff members frequently receive deceitful SMS messages aimed at pilfering login credentials or planting malicious software on devices. Such messages can trigger compromised accounts, unauthorized access to confidential data, and probable breaches that could inflict substantial damage on the organization’s activities and reputation.
Mitigating each alert manually can be laborious and error-prone, posing difficulties for security units in keeping abreast with the influx of threats.
The fix – An automated SMS evaluation service
 |
| A webpage containing a form where staff can submit messages for evaluation |
By leveraging workflow automation, security teams can establish an SMS evaluation service accessible to any employee within the organization.
It operates on a straightforward self-service model. When employees encounter a dubious message, they access the webpage and submit either a screenshot of the message or a URL via the designated form. This form initiates the workflow, and they receive a response within moments. The response furnishes a clear and exhaustive evaluation of the message along with suggested follow-up actions.
Here’s an example of the image they could provide:
And here’s a simulation of the feedback they could anticipate receiving:
 |
| The automated evaluation received by the employee |
The content reads:
Hello! Appreciate your report. I’ve scrutinized the content and have some points to share:
The message alleges that your Amazon account has been locked due to repeated login failures. This strategy is commonly employed in phishing endeavors, where perpetrators coerce you into clicking a malevolent link to “recover” your account.
The message conveys a sense of urgency, a trademark of phishing tactics. Genuine entities usually do not demand immediate responses in this manner.
The link furnished in the message (hxxp://s953909557/servweb) seems dubious. I’ve neutered the link, but I strongly advise refraining from clicking on it since it could lead to a site intent on hijacking your login details or embedding malware on your device.
Moreover, the message does not align with communications from our senior execs [executive names here]. This could indicate an instance of CEO deception, where an individual is masquerading as a top official to solicit sensitive details or execute unauthorized operations.
In summary, these telltale signs suggest a customary phishing ploy; exercise caution. I suggest refraining from interacting with the proffered link and contacting Amazon directly through their official channels for account verification.
Feel free to reach out for any queries or uncertainties. I’m dedicated to ensuring our organization’s security.
Listed below are some prime merits of initiating such a service:
- It fosters a cybersecurity-savvy culture within the workforce, facilitating vigilant behavior and reinforcing security-conscious choices
- It minimizes manual, repetitive tasks for the security team
- It enhances the speed and precision of threat identification
 |
| The automated workflow as visible in the Tines collection |
Workflow outline
This sequence utilizes Tines Pages to craft an automated SMS inspection service that can be utilized by any team member within the company.
Tools utilized:
- Tines – a platform for workflow automation and orchestration that is highly favored among security teams. The free Community Edition of Tines can be used to construct and execute this sequence if a paid subscription is not held. AI functionality must be enabled on your account. It’s important to note that AI operation consumption is credit-based, but there is a complimentary credit allocation across all accounts.
- OCR – a complimentary tool that analyzes images and multi-page PDF documents and provides the extracted text results in JSON form. Advanced plans with expanded usage capacities are also offered.
The workflow initiates upon submission on a Tines page, featuring a form for users to present an image of an SMS or a pertinent URL.
Following that, the workflow extracts the text using OCR technology. In instances where the image surpasses the file size constraint, it is adjusted in dimension by the Automatic Mode adjustment, which triggers a small Python script created by AI within Tines.
The workflow also downloads the image if a URL is provided. For uploaded images, it is renamed to align with the specified format.
Once the text is extracted, it undergoes an AI assessment. The AI inquiry requests the language model to scrutinize it for probable fraudulent warnings and neutralize any hyperlinks.
Below is the AI inquiry the Tines team employed to design the workflow:
As a virtual Security Analyst assessing a dubious SMS forwarded to you. The OCR of the SMS screenshot has been performed by you.
Respond to the user submitting the SMS with the evaluation. The focus is on analyzing for sentiment and common scams like phishing, romance scams, counterfeit invoices, counterfeit tickets, and numerous others.
Given this is an internal tool, a chief concern is CEO Fraud where an individual could be posing as a senior executive. The designated Senior Executives in this firm are [insert executive names and roles].
If any suspicious hyperlinks are included in the feedback, ensure they are defused.
Commence with:
“Hello! Appreciate the SMS report…”
The AI action composes a reply to the user, incorporating the assessment – whether the message seems malicious or not – and offering suggested procedures – refrain from clicking the link, etc.
If the assessment fails for any reason, the user is notified to attempt again or reach out to the security team.
Configuring the workflow – comprehensive steps
 |
| The Tines Community Edition registration form |
1. Sign in to Tines or set up a new account.
2. Verify that AI functionality is activated on your account. As the account owner, confirm AI is enabled by accessing the account settings menu at the top left corner of your interface, and selecting the checkbox to activate AI.
 |
| The OCR Space registration form |
 |
| Inserting a new credential in Tines |
3. Establish your OCR authorization. If not yet acquired, set up an OCR API account and obtain the API key. On the credentials page, choose New credential. You will be required to select the credential type (here, Text) and fill in the necessary fields. Label the credential “ocr_space” for automatic linkage to the workflow.
 |
| Transferring a tale from the repository to your lessee |
4. Go to the pre-made workflow in the repository.
 |
| The plan on Tines’ drag-and-drop canvas |
5. Pick import. This action will lead you directly to your freshly made pre-built workflow.
 |
| Adjusting the Tines sheet |
 |
| Personalizing the AI hint |
6. Adjust your maneuvers. For instance, you might want to reshape the format of the Tines sheet that launches the workflow, and tailor the AI hint with the titles of top management at your corporation.
7. Execute the workflow. Transmit an illustration through the form to evaluate your workflow.
8. Release your workflow and distribute the Page URL with your preferred users.
Creating in other automated systems
You could utilize another no-code automated system to devise a comparable facility, although it’s pertinent to note that some of the attributes in this workflow are distinctive to Tines:
- Sheets: This workflow is initiated by a submission to a form on a web page, and the outcome is dispensed via the same web page. This is constructed using Tines’ Pages feature.
- Alternative: Acquire data and issue findings via email.
- The AI Movement: Tines’ AI maneuver is distinctive in that it permits users to directly access and employ a linguistic model at any juncture in their workflow while offering robust security measures. There’s no training, logging, examining, or conserving of data that enters or exits the linguistic model.
- Alternative: Connect to an external LLM like ChatGPT for scrutiny, but be certain to assess the security and confidentiality attributes of whichever model you intend to use if sensitive data will be conveyed through.
- Event Transform in Automatic Mode: This characteristic utilizes build-time AI to compose Python code based on the direction and the input the constructor provides. Once you safeguard your modifications, the code is secured in place. This signifies that when the maneuver executes, solely the code operates, and no AI is involved.
- Alternative: Compose Python code manually to alter your data.
If you’re keen on exploring AI in Tines independently or testing out this workflow, you can enlist for a complimentary account incorporating AI functionality.
About Author
