Online scams can now become much more dangerous with scammers having uninterrupted access to ChatGPT, an AI-powered chatbot (opens in a new tab) that never seems to leave the headlines.
That’s what the report says (opens in a new tab) published earlier this month by Norton cybersecurity researchers. In it, the company outlined three key ways cybercriminals can use ChatGPT to increase the effectiveness of online fraud: by generating deepfake content, large-scale phishing, and faster malware development.
Norton also argues that the ability to generate “high-quality disinformation or disinformation on a large scale” could help bot farms to fuel divisiveness more effectively, allowing cybercriminals to “spread distrust and shape narratives across languages” with ease.
Fighting disinformation
They say scammers who want to manage fake reviews could also spend a day in the field with ChatGPT, generating them en masse and with different tones of voice.
Finally, the now-famous chatbot can be used in “harassment campaigns” on social media to silence or intimidate people, Norton says, adding that the consequences can be “chilling”:
Hackers can also use ChatGPT in phishing campaigns, which in many cases are run by non-native English-speaking attackers, helping victims spot obvious fraud attempts with poor spelling and grammar. With ChatGPT, cybercriminals can create highly persuasive emails on a large scale.
Finally, malware coding may no longer be reserved for experienced hackers. “With the right prompt, novice malware authors can describe what they want to do and get working code snippets,” the researchers said.
As a consequence, we may witness an increase in the number and sophistication of malware, they say. Also, thanks to ChatGPT’s ability to quickly and easily “translate” source code into less common programming languages, more malware could outpace antivirus solutions.
As with any new tool before that, ChatGPT will most likely be used by scammers and hackers for their purposes. The researchers conclude that it is up to users, as well as the broader cybersecurity community, to respond to these new threats.