ChatGPT’s Phishing Challenge May Be Understated

Date:

The use of chatbots and Artificial Intelligence (AI) is nothing new in the cyber world. However, a recent report by the Egress Threat Intelligence team suggests that cybercriminals are using AI to craft malicious phishing emails. The report highlights that chatbots, in particular, can be used to create well-written, grammatically correct and humanised emails that are difficult to identify as fraudulent.

Earlier this year, 72% of cybersecurity leaders admitted to being concerned that AI could be misused to enhance phishing campaigns. One such AI tool in focus is ChatGPT. The Egress Threat Intelligence team carried out a test by asking the tool to write an email that requested personal details. The resulting email was well-written with good grammar, a salutation, and sign off. The subject of the email was humanised with phrases such as “I know it’s been a while”. The result was an authentic-looking email that could fool people into believing that it was written by a human.

The same tool was also tested to create a promotional offer for people to win two prizes, with a link to enter a website. The Egress team warns that such a tool can easily generate a phishing campaign.

While chatbots like ChatGPT are programmed to discourage the use of outputs for illegal activities, cybercriminals can still use them to generate phishing emails and campaigns. The use of AI-generated content has made it difficult to differentiate between human and machine-written phishing attacks.

Anti-phishing detection technologies, such as Integrated Cloud Email Security (ICES), have been evolving to detect and prevent phishing attacks. AI models including Natural Language Processing (NLP) and Understanding (NLU) can be used to analyze email messages for signs of social engineering. Similarly, machine learning can help detect anomalies in anti-phishing solutions to detect heterogeneous phishing attacks where small changes are made to bypass traditional email security solutions.

See also  Premium Chatbot Showdown: Microsoft's Copilot Pro Takes on ChatGPT Plus in a Battle for Your $20 Subscription

However, cyberattacks have evolved, and so have the cyber defenses, where phishing remains a significant risk. Cybersecurity leaders don’t need to be concerned about the use of AI to create phishing emails to any degree more than they’re concerned about phishing as an area of risk for their organisation. It is also important to note that not all AI-based cyber security solutions are the same. Some AI models can be manipulated by cybercriminals to bypass detection, and thus evaluating the AI solution and safeguarding it against cyber attacks is essential.

In conclusion, while there are concerns about the use of AI in crafting phishing emails, the cybersecurity industry is evolving its technologies to detect and prevent these attacks. With the right detection capabilities, organizations can mitigate the risk of phishing attacks, independent of whether they are created by human beings or machines.

Frequently Asked Questions (FAQs) Related to the Above News

What is the recent report by the Egress Threat Intelligence team about?

The recent report by the Egress Threat Intelligence team suggests that cybercriminals are using AI to craft malicious phishing emails.

What AI tool in focus is mentioned in the report?

ChatGPT is an AI tool in focus that is mentioned in the report.

What was the result of the Egress team's test when asking ChatGPT to write an email requesting personal details?

The resulting email was well-written with good grammar, a salutation, and sign off. The subject of the email was humanized with phrases such as I know it's been a while. The result was an authentic-looking email that could fool people into believing that it was written by a human.

What warning does the Egress team give about the use of ChatGPT?

The Egress team warns that such a tool can easily generate a phishing campaign.

How can cyber defenses mitigate the risk of phishing attacks?

Anti-phishing detection technologies, such as Integrated Cloud Email Security (ICES), have been evolving to detect and prevent phishing attacks. AI models including Natural Language Processing (NLP) and Understanding (NLU) can be used to analyze email messages for signs of social engineering. Similarly, machine learning can help detect anomalies in anti-phishing solutions to detect heterogeneous phishing attacks where small changes are made to bypass traditional email security solutions.

Is the use of AI to create phishing emails a new risk area?

No, phishing remains a significant risk for organizations, and the use of AI to create phishing emails does not increase the concern to a greater degree.

Can all AI-based cyber security solutions provide the same level of protection?

No, some AI models can be manipulated by cybercriminals to bypass detection. Thus, evaluating AI solutions and safeguarding them against cyber attacks is essential.

Please note that the FAQs provided on this page are based on the news article published. While we strive to provide accurate and up-to-date information, it is always recommended to consult relevant authorities or professionals before making any decisions or taking action based on the FAQs or the news article.

Aniket Patel
Aniket Patel
Aniket is a skilled writer at ChatGPT Global News, contributing to the ChatGPT News category. With a passion for exploring the diverse applications of ChatGPT, Aniket brings informative and engaging content to our readers. His articles cover a wide range of topics, showcasing the versatility and impact of ChatGPT in various domains.

Share post:

Subscribe

Popular

More like this
Related

Obama’s Techno-Optimism Shifts as Democrats Navigate Changing Tech Landscape

Explore the evolution of tech policy from Obama's optimism to Harris's vision at the Democratic National Convention. What's next for Democrats in tech?

Tech Evolution: From Obama’s Optimism to Harris’s Vision

Explore the evolution of tech policy from Obama's optimism to Harris's vision at the Democratic National Convention. What's next for Democrats in tech?

Tonix Pharmaceuticals TNXP Shares Fall 14.61% After Q2 Earnings Report

Tonix Pharmaceuticals TNXP shares decline 14.61% post-Q2 earnings report. Evaluate investment strategy based on company updates and market dynamics.

The Future of Good Jobs: Why College Degrees are Essential through 2031

Discover the future of good jobs through 2031 and why college degrees are essential. Learn more about job projections and AI's influence.