We are more than halfway down in 2024, and the number of AI-based scams is not looking like it’s in the mood for dwindling anytime soon. Since the launch of ChatGPT in November 2022, AI-based threats have grown, especially in their speed, volume, and sophistication. In fact, the Q4 of 2022 saw an increase of 1265% in malicious phishing emails and a 967% rise in credential phishing in particular.
So, to prevent your peace of mind, reputation, and hard-earned money, it’s better that you step up your preventive measures and adopt some best practices to spot and stop scams.
Here 4 types of artificial intelligence-driven cyber threats that are lurking around in 2024 and are planning to stay-
1. AI-backed phishing attacks
A simple ChatGPT prompt, when done smartly (or we say maliciously), can generate a full-fledged phishing email that looks so trusting that it can deceive anyone and everyone. Gone are the days when wrong spelling, grammar, and tonality were the red flags of phishing emails.
While it’s true that if you specifically ask the chatbot to create a phishing email for you, it will deny it outright. However, as mentioned above, it works if someone does it smartly.
Now that the language of the content may not be a sign of a phishing email, you need to verify an incoming email’s legitimacy by checking the sender’s details and links embedded. Threat actors leverage typography techniques to create fake email addresses that resemble the original but have some hard-to-spot alterations. Also, hover your cursor over the link before clicking it and check the bottom left corner of your screen; you will see where this link will redirect you if you click it. Proceed only if the website looks safe.
SPF, DKIM, and DMARC are vital email security protocols that help combat email spoofing by verifying the legitimacy of the sender’s domain, ensuring the message’s authenticity, and blocking fraudulent emails from reaching their targets.
If anything looks suspicious, don’t respond or directly confirm with the organization from which the email was claimed to come.
2. Fake ChatGPT app and website scams
As per a report from Sophos, many fake or alternative ChatGPT apps are ranking on the internet. These adjacent apps offer free programs with limited functionality and bombard users with advertisements. These advertisements don’t go away until they sign up for their subscriptions. There is a fake ChatGPT app called Genie, which offers a weekly subscription for $7 and a yearly subscription for $70. You would be surprised to know that it made $1 million over a monthly period.
To avoid subscription fees or downloading malware-infected files, don’t go on fake apps. iPhone users can now download the official ChatGPT app on the App Store. Alternatively, both iPhone and Android users can add a ChatGPT web link to their home screen. For iPhone users, creating a Siri shortcut to access ChatGPT online is also an option. There’s little difference between using a home screen shortcut and a native app in this case.
3. AI investment scam
There was a time when cryptocurrency was the talk of the town, and now it’s ChatGPT. Threat actors are leveraging this hype and creating fake investment opportunities that seem genuine and promising.
Lately, cyber actors have used names like ‘TeslaCoin’ and ‘TruthGPT Coin’ to trick people, capitalizing on the popularity of Elon Musk and ChatGPT. California’s Department of Financial Protection & Innovation claims that Maxpread Technologies created a fake AI CEO to push these investments, leading to a cease-and-desist order against the company.
If you receive an unsolicited email, text message, or phone call luring you into making investments that sound too good to be true, then treat their tips with extreme caution. Chances are that their baits are actually ‘too good to be true.’ Please remember that returns are never guaranteed on investments, and your capital remains at risk. Understand the relevance of due diligence before giving away your money to anyone, even if it sounds genuine.
4. Romance scam
This new technology is also exploited to trick hopeless romantic people out of their money or critical data. Romance scams aren’t new, but with artificial intelligence, malicious actors are able to generate photos and videos, taking the scam to a whole new level, where the victim doesn’t smell the suspicion at all.
They extort money out of emotional blackmailing or even manipulating victims into investing in bogus schemes.
If you are also uncertain about your online dating partner, ask them open-ended questions, and if the responses are too generic and lack nuance, there is a chance that you are being fooled. Also, don’t do anything that involves spending money or giving your financial information in any way.
Be careful!
Be watchful of the latest social engineering tactics and warnings by the FTC, FBI, and other federal agencies. Also, consider investing in VPN with malware detection and other cybersecurity protocols. Lastly, don’t give away your personal details asked by pop-ups on any random websites, and refrain from unnecessary sign-ups for newsletters and similar things.