Cyber Criminals Are Quick To Use ChatGPT 

Uploaded on 2023-03-06 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW

ChatGPT has captured the Internet’s attention with millions using the technology to write poems, craft short stories, answer questions and even ask advice and now cyber criminals have begun using OpenAI’s artificially intelligent chatbot ChatGPT to quickly construct hacking tools. 

Norton has released its quarterly Consumer Cyber Safety Pulse Report which observes that cyber criminals have extended  the use of ChatGPT to create deepfake chatbots, phishing campaigns and malware.

OpenAI, a private company backed by Microsoft, made it available to the public for free in November. In addition to writing lures, ChatGPT can also generate code. 

Nortons research team have examined how cyber criminals can use artificial intelligence to create realistic and sophisticated threats. The latest report includes an analysis of how large language models can enhance criminal tactics. Amongst other exploits, cyber criminals are using  ChatGPT to generate malicious threats through its impressive ability to generate human-like text that adapts to different languages and audiences and in tis way criminals can quickly and easily craft email or social media phishing lures that are even more convincing, making it more difficult to tell what’s legitimate and what’s a threat.

ChatGPT can generate articles, essays, jokes, poetry and job applications in response to text prompts. It can respond to questions in a human-like manner and understand the context of follow-up queries much like in human conversations, as well as being able to compose longform pieces of writing if asked. 

Just as ChatGPT makes developers’ lives easier with its ability to write and translate source code, it can also make cyber criminals’ lives easier by making scams faster to create and more difficult to detect.

“I’m excited about large language models like ChatGPT, however, I’m also wary of how cyber criminals can abuse it...  We know cybercriminals adapt quickly to the latest technology, and we’re seeing that ChatGPT can be used to quickly and easily create convincing threats," Kevin Roundy, Senior Technical Director of Nortonn said.

As well as using ChatGPT for effective phishing, criminals can also use it to create deepfake chatbots which   can impersonate humans or legitimate sources, like a bank or government entity, to manipulate victims into disclosing personal information to gain access to sensitive information, steal money or commit fraud.

Norton's advice is to be suspicious and extremely cautious when engaging with unknown sources of possible risk: 

  • Avoid chatbots that don’t appear on a company’s website or app and being cautious of providing any personal information to someone you’re chatting with online
  • Take a moment to think before you click on links in response to unsolicited phone calls, emails or messages.
  • Update your security measures to make sure you have a  a leyer of security that goes beyond known malware recognition, such as behaviour detection and blocking.

The latest Pulse Report also revealed that throughout 2022, Norton thwarted over 3.5 billion threats, or around 9.6 million threats per day. In 2022, Norton blocked 90.9 million phishing attempts, 260.4 million file threats, 1.6 million mobile threats, 274 thousand ransomware attacks. Norton AntiTrack blocked over 3 billion trackers and fingerprinting scripts. In the last quarter alone, Norton blocked over 787.7 million threats, or around 8.5 million threats per day. From October through December 2022, Norton blocked 27 million phishing attempts, 49.4 million file threats, 770 thousand mobile threats, 46 thousand ransomware attacks. Norton AntiTrack blocked over 1 billion trackers and fingerprinting scripts.

OpenAI has put certain filters in place to prevent obvious requests for ChatGPT to construct malware with policy violation notifications, but hackers have already found ways around those safeguards. 

Techguide:    NZHerald:     Guardian:    Business Insider:     Forbes:    Analytic Insight:   ITBrief:     

You Might Also Read:

The Latest Artificial Intelligence Technologies:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« New US National Cyber Security Strategy
Detecting Digital Injection To Counter Deepfake Biometric Fraud  »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Lookout

Lookout

Lookout is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack.

Cyfor

Cyfor

Cyfor provides digital forensics and eDiscovery in civil, criminal, intellectual property, litigation and dispute resolution investigations.

idappcom

idappcom

idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences.

Viasat

Viasat

Viasat is a provider of high-speed satellite broadband services and secure networking systems covering military and commercial markets.

Cycuity

Cycuity

Cycuity (formerly Tortuga Logic) is a cybersecurity company that is transforming the way we secure silicon with comprehensive hardware security assurance.

GuardRails

GuardRails

GuardRails provides continuous security feedback that empowers developers to find, fix, and prevent vulnerabilities.

K2 Cyber Security

K2 Cyber Security

K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks.

Appgate

Appgate

Appgate is the secure access company. We empower how people work and connect by providing solutions purpose-built on Zero Trust security principles.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

Centraleyes

Centraleyes

Centraleyes (formerly CyGov) is a cutting-edge integrated cyber risk management platform that gives organizations unparalleled understanding of their cyber risk and compliance.

Input Output (IOHK)

Input Output (IOHK)

IOHK is one of the world's pre-eminent blockchain infrastructure research and engineering companies.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.

Cyber Explorers

Cyber Explorers

Cyber Explorers is a fun, free and interactive learning platform for future digital superstars. An exciting addition to UK curriculum delivery or after school activities.

Enterprise Strategy Group

Enterprise Strategy Group

Enterprise Strategy Group, a division of TechTarget, is an IT analyst, research, validation, and strategy firm that provides market intelligence and actionable insight to the global IT community.

London AI Safety Research (LASR)

London AI Safety Research (LASR)

London AI Safety Research Labs is a technical AI Safety research programme focussed on reducing the risk of loss of control to advanced AI.