According to CNBC, since the fourth quarter of 2022, the number of malicious phishing emails has increased by 1,265% and the number of information theft scams has increased by 967%.
According to a report by cybersecurity company SlashNext, cybercriminals are taking advantage of generative artificial intelligence (AI) tools like ChatGPT to write emails that scam businesses and others. In a survey of more than 300 cybersecurity professionals in North America, nearly half revealed they had experienced a phishing attack targeting a business, and 77% of them said they had been targeted.
SlashNext CEO Patrick Harr said the findings reinforce concerns about generative AI contributing to the rise in scams. Thieves often use AI to develop malware or social engineering scams to increase success rates.
ChatGPT’s launch in late 2022 coincides with the timeframe in which SlashNext saw a spike in phishing attacks, Harr added.
Crime report citation Internet According to the US Federal Bureau of Investigation (FBI), the trick of sending fake emails to businesses has caused losses of about 2.7 billion USD in 2022.
Although there has been some debate about the true impact of generative AI on cybercrime, Mr. Harr believes that chatbots like ChatGPT are being turned into “weapons” for cyberattacks. For example, in July, SlashNext researchers discovered two malicious chatbots named WormGPT and FraudGPT, which were seen as tools to help crooks carry out sophisticated phishing attack campaigns.
tools Research director at Enterprise Management Associates – Chris Steffen said hackers are taking advantage of generative AI and natural language processing (NLP) models to commit fraud. By using AI to analyze information, and old articles, and imitate documents from government agencies or businesses, phishing emails become extremely convincing and difficult to distinguish.
To cope with the increase in attacks, people need to increase their security awareness and be vigilant against suspicious emails or activity. Another solution is to deploy email filtering tools using AI and machine learning to prevent phishing. Organizations also need to conduct regular security testing, identify system vulnerabilities, as well as weaknesses in employee training, and promptly resolve known issues to reduce the risk of attacks.