🤖 AI Summary
This work addresses a critical limitation of existing backdoor attacks against large language models, which predominantly rely on passive triggers and thus struggle to achieve high efficacy in real-world interactive settings. To overcome this, the paper introduces the Proactive Availability Backdoor (PAB), the first approach that integrates social engineering principles into backdoor attacks by exploiting the helpfulness of aligned models. Specifically, PAB actively steers users toward submitting queries containing the trigger through conversational suggestions. The authors develop a dual-agent simulation framework grounded in the Five-Factor Model of personality, deploy PAB via few-shot prompting, and propose Anti-PAB, a defense mechanism tailored to PAB. Extensive experiments demonstrate that PAB achieves an effective attack success rate (the joint probability of attack incidence rate and attack success rate) of 73.1% across multiple models and domains, exposing a significant security risk: the weaponization of model usability itself.
📝 Abstract
Current backdoor attacks against LLMs are typically manipulated by the attacker and remain passive. In this paper, we introduce the Proactive Availability Backdoor (PAB), a novel paradigm that shifts the attack vector from passive waiting to active social engineering. By weaponizing the inherent helpfulness of aligned LLMs, PAB proactively traps users into executing trigger-implanted queries by offering suggestions, achieving high aggressiveness, precision and stealthiness. To rigorously evaluate its threat in a real-life context, we introduce a dual-agent ecological simulation framework based on selected dimensions of the Five-Factor Model, and deploy PAB with few-shot prompts. Validated on different models and domains, PAB performs remarkably, and its effective attack success rate, which calculates the joint probability of attack incidence rate and attack success rate, reaches 73.1%. We also introduce Anti-PAB, a defense method tailored for PAB. Our findings reveal that the helpfulness of LLMs can be weaponized to compromise availability, exposing a serious hidden threat to LLM users. We release all the scripts and datasets in the experiments at https://anonymous.4open.science/r/PAB-ANONYMOUS/.