Cyber Criminals Are Quick To Use ChatGPT 

Uploaded on 2023-03-06 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW

ChatGPT has captured the Internet’s attention with millions using the technology to write poems, craft short stories, answer questions and even ask advice and now cyber criminals have begun using OpenAI’s artificially intelligent chatbot ChatGPT to quickly construct hacking tools. 

Norton has released its quarterly Consumer Cyber Safety Pulse Report which observes that cyber criminals have extended  the use of ChatGPT to create deepfake chatbots, phishing campaigns and malware.

OpenAI, a private company backed by Microsoft, made it available to the public for free in November. In addition to writing lures, ChatGPT can also generate code. 

Nortons research team have examined how cyber criminals can use artificial intelligence to create realistic and sophisticated threats. The latest report includes an analysis of how large language models can enhance criminal tactics. Amongst other exploits, cyber criminals are using  ChatGPT to generate malicious threats through its impressive ability to generate human-like text that adapts to different languages and audiences and in tis way criminals can quickly and easily craft email or social media phishing lures that are even more convincing, making it more difficult to tell what’s legitimate and what’s a threat.

ChatGPT can generate articles, essays, jokes, poetry and job applications in response to text prompts. It can respond to questions in a human-like manner and understand the context of follow-up queries much like in human conversations, as well as being able to compose longform pieces of writing if asked. 

Just as ChatGPT makes developers’ lives easier with its ability to write and translate source code, it can also make cyber criminals’ lives easier by making scams faster to create and more difficult to detect.

“I’m excited about large language models like ChatGPT, however, I’m also wary of how cyber criminals can abuse it...  We know cybercriminals adapt quickly to the latest technology, and we’re seeing that ChatGPT can be used to quickly and easily create convincing threats," Kevin Roundy, Senior Technical Director of Nortonn said.

As well as using ChatGPT for effective phishing, criminals can also use it to create deepfake chatbots which   can impersonate humans or legitimate sources, like a bank or government entity, to manipulate victims into disclosing personal information to gain access to sensitive information, steal money or commit fraud.

Norton's advice is to be suspicious and extremely cautious when engaging with unknown sources of possible risk: 

  • Avoid chatbots that don’t appear on a company’s website or app and being cautious of providing any personal information to someone you’re chatting with online
  • Take a moment to think before you click on links in response to unsolicited phone calls, emails or messages.
  • Update your security measures to make sure you have a  a leyer of security that goes beyond known malware recognition, such as behaviour detection and blocking.

The latest Pulse Report also revealed that throughout 2022, Norton thwarted over 3.5 billion threats, or around 9.6 million threats per day. In 2022, Norton blocked 90.9 million phishing attempts, 260.4 million file threats, 1.6 million mobile threats, 274 thousand ransomware attacks. Norton AntiTrack blocked over 3 billion trackers and fingerprinting scripts. In the last quarter alone, Norton blocked over 787.7 million threats, or around 8.5 million threats per day. From October through December 2022, Norton blocked 27 million phishing attempts, 49.4 million file threats, 770 thousand mobile threats, 46 thousand ransomware attacks. Norton AntiTrack blocked over 1 billion trackers and fingerprinting scripts.

OpenAI has put certain filters in place to prevent obvious requests for ChatGPT to construct malware with policy violation notifications, but hackers have already found ways around those safeguards. 

Techguide:    NZHerald:     Guardian:    Business Insider:     Forbes:    Analytic Insight:   ITBrief:     

You Might Also Read:

The Latest Artificial Intelligence Technologies:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« New US National Cyber Security Strategy
Detecting Digital Injection To Counter Deepfake Biometric Fraud  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

TestFort

TestFort

TestFort QA Lab is a specialized software testing company offering independent quality assurance and software testing services.

Riscure

Riscure

Riscure is a global test lab and tools leader for device security. Core expertise in side channel analysis, fault injection and embedded device software.

Silicon:SAFE

Silicon:SAFE

Silicon:SAFE develops impenetrable hardware solutions that prevent bulk data theft during a cyber-attack.

Awake Security

Awake Security

Awake Security offer a security solution built on an AI platform that acts like the human brain to sense, detect, and respond to threats you may not even know exist.

Dice

Dice

Dice is a leading recruitment platform, helping technology professionals manage their careers and employers connect with highly skilled tech talent in specialist areas including cybersecurity.

Bitfury Group

Bitfury Group

Bitfury Group is the largest full-service blockchain technology company in the world.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

Terralogic

Terralogic

Terralogic is a software and IT services company, an expert in IoT, Cloud, DevOps, App development and Cybersecurity.

Onclave Networks

Onclave Networks

Onclave Networks is a global cybersecurity leader, transforming the future of securing all IT/OT devices and systems.

Audea

Audea

Audea is a consultancy firm specialising in cybersecurity, risk and compliance. We provide professional services addressing all areas of Cybersecurity and GRC.

StickmanCyber

StickmanCyber

At StickmanCyber we are on a mission to create a digital world that is safe for everyone - we are your trusted cybersecurity partner.

Conosco

Conosco

Conosco are industry-leading experts throughout the UK in strategic consulting, project delivery, business communications, support, and security.

Firesand

Firesand

Based in Milton Keynes, Firesand Ltd provides penetration testing services to improve your cyber security and protect your company against hackers.

Levio

Levio

Levio is a digital native business and technology consulting firm. As a true partner from start to finish, our goal is a long-lasting transformation that’s right for your business model.

Simbian

Simbian

Simbian, with its hardened TrustedLLM system, is the first to accelerate security by empowering every member of a security team from the C-Suite to frontline practitioners.

SITS Group

SITS Group

SITS Group excel in delivering a comprehensive range of Cyber Security consulting and managed services, from cloud transformation to risk management.