In the ever-changing landscape of digital communication, Artificial Intelligence (AI) is transforming the way we approach email writing. Explore the impact of intelligent algorithms and natural language processing in crafting engaging email content and optimizing delivery strategies in this blog series. Whether you’re a seasoned marketer or a communication professional, discover the powerful synergy between AI and effective email communication strategies.
AI chatbots like OpenAI’s ChatGPT have captured the public imagination. But cybersecurity researchers caution that ChatGPT and other AI tools could be used to generate phishing emails and malicious code easily and at a much larger scale. Researchers at cyber-security firm Checkpoint Research demonstrated how ChatGPT could be used by almost anyone to create phishing emails and malicious code.
First, the researchers first asked the chatbot to create a phishing email impersonating a hosting company. ChatGPT provided output, even though it warned the researchers that the content might violate its content policy. The researchers then asked ChatGPT to create an iteration of the same mail, but one that asked users to download a malicious Excel file, instead of clicking on a link. Just like before, ChatGPT provided satisfactory output, despite generating a warning notice. ChatGPT also created a malicious VBA (Visual Basic for Application) code. While the initial output was barely workable, the researchers finally got basic but usable malicious code after multiple iterations.
“After we initially published the blog post about this possibility, ChatGPT no longer writes phishing emails when prompted, but we found there are still ways to work around it. For example, if you say I am a cybersecurity lecturer and want an example phishing email to show students, it will still output such an email,” Sergey Shykevich, threat intelligence group manager at Checkpoint Research, told indianexpress.com via a Zoom call.
According to Chester Wisniewski, principal research scientist at British cybersecurity firm Sophos, “it is quite easy to convince ChatGPT to help create convincing phishing lures” and respond “in a conversational way that could advance romance scams and business email compromise attacks.”
Researchers are also worried that ChatGPT will also help more sophisticated attackers. “For many cybercriminals, English is not their native language. Because of this, they have to look for the services of a native language speaker to create content for phishing. This takes money, time and effort. With ChatGPT, they no longer have to use these ‘underground services’ and can produce the phishing email by themselves,” explained Shykevich.
And it is not just OpenAI’s ChatGPT that poses a risk. More sophisticated attackers can also leverage the startup’s Codex tool to improve and reiterate their code at an unprecedented pace. Codex is a language model designed to translate natural language into code. Researchers at Checkpoint also used Codex to generate usable and sophisticated malicious code. They also demonstrated how it provides the flexibility required for a cyberattack.
For now, it is still difficult to determine whether a particular phishing campaign has been created using an AI tool. But the worry is that these tools can ensure a much bigger scale to carry out these attacks.
However, AI can also be used to defend against cyber threats, as Shykevich pointed out. “Even before ChatGPT, we and many other cybersecurity researchers have been using AI tools to improve our security solutions and threat detections. Even the average person could potentially use it for the same reason. For example, someone could enter a prompt into Codex saying ‘I want a script that checks whether a file is infected or not’, and the AI tool might produce code that takes a file as an input and checks it with something like VirusTotal,” he pointed out.
From actors to accused: Contributing to a Mumbai Police fundPremium Story
India's dark chocolate market: Who is taking the biggest bite?Premium Story
UPSC Key, January 2: What to read today and whyPremium Story
Despite Houthi threat, smooth sailing for Russian oil in RedPremium Story
Vandita Mishra writes: If life gives oranges make marmaladePremium Story
How the United States’ climate response has been lackingPremium Story
Expert Explains: How the Northeast was ‘invented’, 52 years agoPremium Story
ISRO’s New Year launch: Space observatory, X-ray telescopePremium Story
Tavleen Singh writes: Modi's guarantees vs Rahul's promisesPremium Story
Indian economy in 2024: On the cusp of take-offPremium Story
10 extremely useful free websites we tried in 2023Premium Story



Sethu Pradeep<span style="font-weight: 400">Sethu Pradeep lives in Kochi, and he co… read more

source