You are currently viewing

This month’s Cybersecurity Minute topic is around the impact of AI (artificial intelligence) on scamming and phishing campaigns by cybercriminals.

The name ChatGPT may sound familiar by now, in a nutshell, it’s an artificial intelligence chatbot software developed and released late last year.  This software has been open to the public since it’s release.  Basically, anyone can go on and ask the chatbot practically any how-to question; moments later, you get a detailed response including detailed steps, examples, etc.  I’d like to refer to it as a Google search on steroids as the experience is as interactive as it can possibly get- almost like your own personal Rosey the Robot from the Jetsons.

As exciting and useful as this technology can be for businesses, the misuse of it by cybercriminals has been posing some significant concerns.  Last month, we discussed how AI is being used as a tool for replicating voices and then criminals using these in scamming schemes.  This month, we wanted to bring awareness to how AI is making it more challenging for users to spot scams or phishing attempts thanks to this sophisticated technology; practically, it’s important for users to no longer expect these campaigns to come as poorly typed emails from Princes in other countries needing a favor from you.

In a recent interview with Stu Sjouwerman, founder and CEO of security firm KnowBe4, he recommends that users keep an eye out for “literally any content that seems even the slightest bit suspect or out of the norm to be treated as hostile until proven otherwise”.

A few additional tips to always keep at top of mind:

  1. Use preview pane and always verify that the email is coming from a legitimate source- cybercriminals can spoof a generic email to make it look like it’s coming from a legitimate source.
  2. Never feel pressurized into opening an attachment and avoid clicking any links, especially if labeled “enable content”.
  3. Verify your junk email settings.
  4. We strongly recommend having a separate generic email (Gmail, yahoo, etc.) to use when creating online accounts or booking hotels, etc. 
  5. Always verify through a direct phone call or another direct communication method to the individual before opening any attachments or clicking on any links.
  6. Create a culture where your team knows to “verify before clicking”.

 

As always, know that your Paradigm team is a call, email or text away, whenever in doubt, we are here to help- 321-248-3954 or [email protected]