With AI-driven tools such as ChatGPT and Google’s Bard becoming increasingly popular, reports have come out that indicate these tools could make it easier for hackers to steal passwords and phish sensitive information.
In fact, a recent survey by Password Manager found that 52% of surveyed cybersecurity professionals say AI has made it easier for scammers to steal sensitive information, with 56% expressing concern about hackers using AI-powered tools to steal passwords. Meanwhile, 18% say AI phishing scams pose a “high-level” threat to both the average American individual user and company.
Survey respondents were also asked to rate their level of concern when it comes to people using AI tools to hack passwords and 56% reported being ‘somewhat’ (26%) or ‘very’ (30%) concerned. Additionally, 58% of respondents say they are ‘somewhat’ (26%) or ‘very’ (32%) concerned about people using AI-powered tools to create phishing attacks.
“ChatGPT is a tool with many excellent capabilities, and there is no discussion about that. But many people don’t know it is also a powerful tool that hackers or scammers can use,” Marcin Gwizdala, Chief Technology Officer at Tidio, told Password Manager. “One of the threats that appeared by using AI, in general, is phishing scams. ChatGPT can be easily mistaken for an actual human being because it can converse seamlessly with users without spelling, grammatical, and verb tense mistakes. That’s precisely what makes it an excellent tool for phishing scams.”
He added that the best way to provide actionable solutions is by equipping IT teams with tools that can determine what’s ChatGPT-generated versus what’s human-generated, explicitly geared toward incoming “cold” emails.
Password Manager also asked survey respondents for examples of AI-generated scams they had seen recently. Some responses included:
- “Scammers could use AI language models to generate convincing phishing emails that are tailored to the recipient’s personal information and interests.”
- “I have seen fake currency trading platforms that claim to have developed a trading system with artificial intelligence predictive capabilities to attract investors, but no such system actually exists.”
- “I have seen them use artificial intelligence to steal other people’s information quickly, which is very convenient.”
With that said, Daniel Farber Huang, a subject matter expert for Password Manager offers the tips to keep safe from AI-generated scams, including:
- Assume any unsolicited communication is a potential scam and exercise precautions when reviewing messages.
- If it seems necessary to respond to an incoming communication, the safest way to do so is by contacting the sender or organization by finding official contact information directly rather than hitting “Reply.”
- Know that basic bots are used for all types of solicitation and are trained to appear human and personable, including on more professional sites such as LinkedIn.
For more information on how to keep your passwords safe, call TNTMAX at (201) 891-8686, email us at [email protected].