Copilot Studio - Authority / role-impersonation claim in user message
Copilot Studio Privilege Escalation Claim
Query
let escalationMarkers = dynamic([
"i am the ceo", "i'm the ceo", "i am the cfo", "i'm the cfo",
"i am the cto", "i am your administrator", "as an administrator",
"as the administrator", "as an admin", "i am an admin", "i'm an admin",
"i have admin", "i am authorised", "i am authorized", "i'm authorised",
"i'm authorized", "i am allowed to", "i have permission to",
"on behalf of the", "i am from it", "i'm from security",
"by order of", "override the policy", "i outrank", "elevate my access",
"give me access to", "grant me access", "i should have access"
]);
AppEvents
| where Name == "BotMessageReceived"
| extend
ConvId = tostring(Properties["conversationId"]),
ChannelId = tostring(Properties["channelId"]),
Locale = tostring(Properties["locale"]),
DesignMode = tostring(Properties["DesignMode"]),
Text = tolower(tostring(Properties["text"]))
| where isnotempty(Text)
| mv-apply Marker = escalationMarkers to typeof(string) on (
where Text contains Marker
| summarize Markers = make_set(Marker)
)
| extend AccountName = iff(isempty(UserId), "unknown-agent", UserId)
| project
TimeGenerated, AccountName, ConvId, ChannelId, Locale, DesignMode,
Markers, Text = substring(tostring(Properties["text"]), 0, 1024),
SessionId, ClientIP, AppVersion
| order by TimeGenerated descExplanation
This query is designed to detect potential social engineering attempts in messages received by a system called Copilot Studio. It specifically looks for messages where a user claims to have authority or a specific role, such as "I am the CFO" or "as an administrator," which the system cannot verify. These claims are often used to trick the system into releasing sensitive information or performing actions that require higher privileges.
Here's a simplified breakdown of the query:
-
Purpose: The query raises an alert when a message contains phrases that suggest the sender is trying to impersonate someone with authority to gain access or privileges they shouldn't have.
-
Data Source: It analyzes inbound messages received by the system, specifically looking at the "BotMessageReceived" events from Application Insights.
-
Detection Logic: The query checks if the message text contains any phrases from a predefined list of authority or role-impersonation markers (e.g., "I am the CEO," "as an admin").
-
Alert Details: If such phrases are detected, the query logs details like the time the message was received, the account name, conversation ID, channel ID, and a snippet of the message text.
-
Severity and Tactics: The alert is classified with medium severity and is associated with tactics like Privilege Escalation and Initial Access, indicating the potential risk of unauthorized access.
-
Incident Management: The query is set to create an incident for each alert, grouping similar alerts together based on the account involved, to help manage and investigate these incidents efficiently.
-
Frequency: The query runs every hour, checking messages from the past hour to ensure timely detection of potential threats.
Overall, this query helps in identifying and responding to social engineering attempts that could lead to unauthorized access or data breaches in the Copilot Studio environment.
Details

David Alonso
Released: June 8, 2026
Tables
Keywords
Operators
Severity
MediumTactics
Frequency: PT1H
Period: PT1H