Category: Chat

If you have seen the sales video and are looking to buy the course, read the details here before deciding.

If you ever wandered across this place called the Internet, chances are you might have come across this training called Chatbot Agency Mastery. With the advent of Chatbots for marketing, more and more businesses are switching to deploy bots for improving customer engagement and lead conversion.

Chatbots are real, and people generate tons of money by building real, valuable chatbots. But what’s not natural is this sham of a course known as Chatbot Agency Mastery which has been re-christened as CAM-2.0

If you ever came across the video sales letter of this course, you would hear the founder of this course, Sumanta Barman, CEO of The Virtual Bytes. He will proudly tell how ‘extensive’ this course is and how anyone doing it would gain life-changing skills.

I bought in the hype around the chatbots and went with the purchase. I was all pumped-up thinking that this is a life-changing skill that will surely help add to my skill sets but what it turned out to be was an absolute waste of time and money.

Let me break down the entire course so that you decide whether to go ahead with the purchase or not.

1. Course Content

From someone who bought this course, I can tell you that you will learn far more by watching the free pre-recorded training videos at ManyChat.com. The videos there are pretty detailed, self-explanatory, and even have a help section to assist you in your problems.

This fundamental training of making bots is minimal in this course (even minimal is an overstatement). There’s no substance at all. The video sales letter of the course falsely pitches about teaching to build Instagram bots, but when you go through the system, you will find the trainer saying, ‘he doesn’t have enough idea about the Instagram bot.’

What is disheartening is that even the primary skill, i.e., Facebook Messenger Bot Building, is half-baked and rushed. There are so many features in the ManyChat platform, but nothing is touched. Such is the condition that even after watching the entire videos, I had to go back to ManyChat to learn the basics! It was there where I learned about using triggers/conditions/tracking and so much more.

So, stay away from this course if you want to build unique bots.

Trending Bot Articles:

1. How Conversational AI can Automate Customer Service

2. Automated vs Live Chats: What will the Future of Customer Service Look Like?

3. Chatbots As Medical Assistants In COVID-19 Pandemic

4. Chatbot Vs. Intelligent Virtual Assistant — What’s the difference & Why Care?

2. Lure Of Pre-Made Templates

Many of you would aim to buy this course to access pre-made templates.

One piece of advice: Check the ready-to-use templates available on the ManyChat platform. You will find a wide variety of readymade templates for different business verticals. You can use them to build bots of your own.

3. Marketing Gibberish

The course is full of marketing gibberish used only to make the trainer look knowledgeable. This so-called marketing jargon finds widespread usage throughout the system without adding much value. Little knowledge of English and some common sense is enough to get you started here.

4. Marketing Scripts

They give 7–8 scripts to DM prospective clients on Facebook and Instagram. The funny part is that these scripts are fundamental, and some even have common grammatical errors. These are basic, and you can find much better approach scripts on the Internet.

5. Discord Server

The discord server has no activity. It’s pitched as priceless, but I found it dead and left it quite early.

The training quality was so bad that after watching the Messenger Chatbot making videos, I asked for a refund as I realized the course was not worth the money I paid. When the very essence of this course is so diluted, how much good would the other parts be? As expected, they gave reasons such as this course is for essential bot building, we can’t ensure great personal experience and some other things before declining refund.

Overall Review

Stay Away!

If you value your money, stay away! If you love your time, stay away! Honestly, it offers no value for the price it charges. You don’t need this course if you are ready to spend a day or two on the ManyChat website. I was foolish not to go on the ManyChat site to explore and therefore got trapped in this vicious trap. Save your precious money and invest it somewhere worthwhile. This course is not the place!

Don’t forget to give us your 👏 !

---

Is Chatbot Agency Mastery a SCAM? was originally published in Chatbots Life on Medium, where people are continuing the conversation by highlighting and responding to this story.

submitted by /u/kiniu_the_bunny [link] [comments]

submitted by /u/pracasrv
[link] [comments]

submitted by /u/jorenwouters
[link] [comments]

submitted by /u/pls_shutthefrontdoor
[link] [comments]

I spent some good time a few months back, reading about IBM Watson Assistants. And I thought, how about I build one. It’s smooth. So I built it using their console and not actually coding it. I manually added the requests and responses and built them. In the next blog, I’ll code one!

I built a bakery-shop bot that takes an order for a Cake of the user’s choice and displays the bill for that particular cake. Well, it doesn’t have too many functionalities, as it’s for starters!

First, we log in to IBM Cloud. Link: https://cloud.ibm.com/

Our dashboard would look like this:

We click on “Create Resource” and on the Search bar, right under Catalogue, we search for: IBM Watson Chatbot.

We create a new resource.

Now, we are prompted to give the assistant a name, description, and assistant language. This is what the page will look like:

As we go to the Actions section on the left sidebar. We create our first action.

Trending Bot Articles:

1. How Conversational AI can Automate Customer Service

2. Automated vs Live Chats: What will the Future of Customer Service Look Like?

3. Chatbots As Medical Assistants In COVID-19 Pandemic

4. Chatbot Vs. Intelligent Virtual Assistant — What’s the difference & Why Care?

What is an action?

Actions let us create dialogues or questions differently. Each action has a beginning and an ending. Action always comes to an “action” when a user enters something that the action is built to recognize and respond to. This was a tricky explanation 😉

I designed a little happy path for this bot. So, what is a Happy Path exactly?

Have you heard of conversational design?

If so, awesome. If not, then here I’ll tell you. Every application that we build has to have a constructive design. Be it visual or voice. This design should give the customer a good experience. While designing bots, we call it conversational design, as this design decides how the conversation is going to start, flow in between and end, with a customer and the bot.

To design a good conversational experience, we need to know our participants

well enough to have an idea of where they are coming from. It puts us in a

better position to map out scenarios of the possible needs they have for each

Engagement.

Hence, this is a little workflow of the conversation that I have designed for this chatbot!

Now, I have added all these responses here in the action area of the Chatbot.

For the final part, here’s a little conversation about me with the chatbot.

That’s all! You can always add more functionality to this. There’s no end to it. Since this was a very basic one, to understand the flow, I didn’t dig in much. You can access the Live Chatbot and use it! Begin by saying:

I want to order a cake

Thanks!

Don’t forget to give us your 👏 !

---

Hands-on IBM Watson Chatbot: Basic was originally published in Chatbots Life on Medium, where people are continuing the conversation by highlighting and responding to this story.

submitted by /u/Niki_Botium [link] [comments]

submitted by /u/henrythemeanBOT [link] [comments]

Chatbots are here to stay

Chatbots have been around for a long time and based on the global chatbot market size (and the expected growth), they will stick around for a long time and gain importance. In the past they’ve rarely met customer expectations or provided much positive experience. However, over the last few years, advances in conversational AI have transformed how they can be used. Since chatbots offer a wide range of applications, in certain cases they become responsible for collecting and protecting personal information as well. Consequently, they are a great attraction for hackers and malicious attacks too. The responsibility of ensuring chatbot security has become more pronounced after the introduction of GDPR in Europe. As statistics show that this technology will be a determining factor in our lives, security testing must also become part of our daily tasks, so that these chatbots can be used with confidence.

Security Risks, Threats and Vulnerabilities

The words risk, threat and vulnerability are often confused or used interchangeably when reading about computer security, so let’s first clarify the terminology:

• Vulnerability refers to a weakness in your software (or hardware, or in your processes, or anything related). In other words, it’s a way hackers could find their way into and exploit your systems.
• A threat exploits a vulnerability and can cause loss, damage or destruction of an asset — threats exploit vulnerabilities
• Risk refers to the potential for lost, damaged, or destroyed assets — threats + vulnerability = risk!

The well-known OWASP Top 10 is a list of top security risks for a web application. Most chatbots out there are available over a public web frontend, and as such all the OWASP security risks apply to those chatbots as well. Out of these risks there are two especially important to defend against, as in contrast to the other risks, those two are nearly always a serious threat — XSS (Cross Site Scripting) and SQL Injection.

In addition, for artificial intelligence enabled chatbots, there is an increased risk for Denial of Service attacks, due to the higher amount of computing resources involved.

Trending Bot Articles:

1. How Conversational AI can Automate Customer Service

2. Automated vs Live Chats: What will the Future of Customer Service Look Like?

3. Chatbots As Medical Assistants In COVID-19 Pandemic

4. Chatbot Vs. Intelligent Virtual Assistant — What’s the difference & Why Care?

Vulnerability 1: XSS — Cross Site Scripting

A typical implementation of a chatbot user interface:

• There is a chat window with an input box
• Everything the user enters in the input box is mirrored in the chat window
• Chatbot response is shown in the chat window

The XSS vulnerability is in the second step — when entering text including malicious Javascript code, the XSS attack is fulfilled when the web browser is running the injected code:

<script>alert(document.cookie)</script>

Possible Attack Vector

For exploiting an XSS vulnerability the attacker has to trick the victim to send malicious input text.

1. Attacker tricks the victim to click a hyperlink pointing to the chatbot including some malicious code in the hyperlink
2. The malicious code is injected into the website, reads the victims cookies and sends it to the attacker without the victim even noticing
3. The attacker can use those cookies to get access to the victim’s account on the company website

Defense

This vulnerability is actually easy to defend by validating and sanitizing user input, but still we are seeing this happening over and over again.

Vulnerability 2: SQL Injection

A typical implementation of a task-oriented chatbot backend:

• User tells the chatbot some information item
• The chatbot backend queries a data source for this information item
• Based on the result a natural language response is generated and presented to the user

With SQL Injection, the attacker tricks the chatbot backend to consider malicious content as part of the information item:

my order number is “1234; DELETE FROM ORDERS”

Possible Chatbot Attack Vector

When the attacker has personal access to the chatbot, an SQL injection is exploitable directly by the attacker (see example above), doing all kinds of SQL (or no-SQL) queries.

Defense

Developers typically trust their tokenizers and entity extractors to defend against injection attack. Additionally, simple regular expression checks of user input will in most cases close this vulnerability.

Vulnerability 3: Denial of Service

Artificial intelligence requires high computing power, especially when deep learning as in state-of-the-art natural language understanding (NLU) algorithms is involved. The Denial of Service (DoS) attack is focused on making a resource unavailable for the purpose it was designed, and it is not hard to imagine that chatbots are more vulnerable to Denial of Service (DoS) attacks than the usual backends based on highly optimized database systems. If a chatbot receives a very large number of requests, it may cease to be available to legitimate users. These attacks introduce large response delays, excessive losses, and service interruptions, resulting in direct impact on availability.

Possible Chatbot Attack Vector

A typical DoS attack sends a large number of large requests to the chatbot to intentionally exhaust the available resources. It will happen that the computing resources are not available anymore to legitimate users.

But there is an additional risk to consider: it is quite common for chatbot developers to use cloud based services like IBM Watson or Google Dialogflow. Depending on the chosen plan there are usage limits and/or quotas in effect which can be exhausted pretty quickly — for example, the Google Dialogflow Essential free plan limits access to 180 requests per minute, all other requests will be denied. For a usage-based plan without any limits a DoS attack can easily cost a fortune due to the increased number of requests.

Defense

The established methods for defending against Denial of Service attacks apply for chatbots as well.

Mitigation Strategies

Apart from the defense strategies from above, there are generic rules for mitigating the risks of system breaches.

Software Developer Education

Naturally, the best way to defend against vulnerabilities is to not even let them occur in the first place. Software developers should get special training to consider system security as part of their day-to-day development routine. Establishing the mindset and processes in the development team is the first and most important step.

Continuous Security Testing

Security testing should be part of your continuous testing pipeline. The earlier in the release timeline a security vulnerability is identified and fixed the cheaper.

Basic tests based on the OWASP Top 10 should be done on API level as well as on End-2-End-level. Typically, defense against SQL Injections is tested best on API level (because of speed), while defense against XSS is tested best on End-2-End level (because of Javascript execution).

Specialised tools like Botium help in setting up your continuous security testing pipeline for chatbots.

Conclusion

Chatbots open the same kind of vulnerabilities, threats and risks as other customer facing web applications. Due to the nature of chatbots, some vulnerabilities are more probable than others, but the well established defense strategies will work for chatbots.

Don’t forget to give us your 👏 !

---

Top 3 Chatbot Security Vulnerabilities in 2022 was originally published in Chatbots Life on Medium, where people are continuing the conversation by highlighting and responding to this story.