By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
TechgoonduTechgoonduTechgoondu
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Search
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Reading: Generative AI can easily enable large-scale scam campaigns: Sophos
Share
Font ResizerAa
TechgoonduTechgoondu
Font ResizerAa
  • Audio-visual
  • Enterprise
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
  • PC
  • Telecom
Search
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Follow US
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Techgoondu > Blog > Cybersecurity > Generative AI can easily enable large-scale scam campaigns: Sophos
CybersecurityEnterprise

Generative AI can easily enable large-scale scam campaigns: Sophos

Ai Lei Tao
Last updated: December 1, 2023 at 6:29 PM
Ai Lei Tao
Published: December 1, 2023
4 Min Read
PHOTO: Pixabay

Cyber attackers can now use generative AI able to create convincing videos, images, or audio recordings to deceive individuals into divulging their data, as many cybersecurity firms have warned of late.

Yet, in a less dramatic but possibly more devastating manner, technology such as ChatGPT can also be used by fraudsters to conduct fraud on a massive scale to affect a lot more victims, says Sophos, a cybersecurity services provider.

In a recent test, Sophos built a fully functioning website with AI-generated images, audio, product descriptions, and a fake Facebook login and checkout page to steal users’ login credentials and credit card details. All of this is possible using LLM tools like GPT-4 and a basic e-commerce template today.

With just one button, Sophos X-Ops could construct hundreds of similar websites using the same technique in minutes, with minimal technical skills.

Given how successful this attempt was, more cyber attackers can be expected to use new technology to automate their attacks, said Ben Gelman, a senior data scientist at Sophos.

“The original creation of spam e-mails was a critical step in scamming technology because it changed the scale of the playing field,” he noted. 

“New AIs are poised to do the same; if an AI technology can create complete, automated threats, people will eventually use it,” he added. “We have already seen the integration of generative AI elements in classic scams, such as AI-generated text or photographs to lure victims.”

The good news is that Sophos’ study indicates that cyber criminals are reluctant to employ generative AI in their attack strategies, at least for now.

The company had searched four well-known Dark Web forums for conversations about LLM. It discovered that threat actors were talking about AI’s potential for social engineering, suggesting that cybercriminals are still in the early phases of using the technology. AI has already been used in romance-based, crypto scams. 

Furthermore, according to Sophos, most posts discussed “jailbreaks,” or methods of getting beyond LLM security measures to use for harmful reasons, and compromised ChatGPT accounts for sale.

Ten ChatGPT derivatives that the developers of Sophos X-Ops, a threat response task force, believe might be used to initiate cyberattacks and produce malware were also discovered.

Threat actors, however, had differing opinions about these derivatives and other nefarious uses of LLMs. A number of criminals expressed worry that the people who made the ChatGPT imitators were attempting to defraud them.

Cybercriminals are more skeptical than enthused about the abuse of AI and LLMs since the release of ChatGPT, according to Sophos.

Across two of the four forums on the Dark Web examined, it only found 100 posts on AI. In contrast, cryptocurrency scams were discussed in more than 1,000 posts for the same period.

Some cybercriminals were attempting to create malware or attack tools using LLMs, but the results were rudimentary and often met with skepticism from other users, said Christopher Budd, director of X-Ops research at Sophos. 

In one case, a threat actor, eager to showcase the potential of ChatGPT inadvertently revealed significant information about his real identity, he noted. 

“We even found numerous “thought pieces” about the potential negative effects of AI on society and the ethical implications of its use,” he added.

“In other words, at least for now, it seems that cybercriminals are having the same debates about LLMs as the rest of us,” he pointed out.

A business connected to the cloud needs cloud-ready security, connectivity
Google boosts Android anti-scam protection, starting in Singapore
Commentary: Switch between wireless networks seamlessly? Not so fast
Quantum-safe networks: A vital first step in securing the future 
Singapore a good place for women entrepreneurs
TAGGED:AIChatGPTdark Webgenerative AIGPT-4LLMscamsSophos

Sign up for the TG newsletter

Never miss anything again. Get the latest news and analysis in your inbox.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Whatsapp Whatsapp LinkedIn Copy Link Print
Avatar photo
ByAi Lei Tao
Ai Lei is a writer who has covered the technology scene for more than 20 years. She was previously the editor of Asia Computer Weekly (ACW), the only regional IT weekly in Asia. She has also written for TechTarget's ComputerWeekly, and was editor of CMPnetAsia and Associate Editor at Computerworld Singapore.
Previous Article For a fruitful online journey, parents should create a digital ID early for kids
Next Article Holiday 2023 Gift Guide 2: Gearing up for serious gaming
Leave a Comment

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

FacebookLike
XFollow

Latest News

Grab goes driverless with electric shuttle trial for employees in Singapore
Enterprise
July 10, 2025
Samsung slims down Galaxy Z Fold 7, packs in 200MP camera in major upgrade
Cellphones Mobile
July 9, 2025
Singapore expands AI assurance pilot to test AI agents, detect prompt injections
Enterprise Software
July 7, 2025
In search of fairer deal for content creators, Cloudflare blocks AI scrapers
Internet Media
July 3, 2025

Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.

.

Started in June 2008 by technology journalists and ex-journalists in Singapore who share a common love for all things geeky and digital, the site now includes segments on personal computing, enterprise IT and Internet culture.

banner banner
Everyday DIY
PC needs fixing? Get your hands on with the latest tech tips
READ ON
banner banner
Leaders Q&A
What tomorrow looks like to those at the leading edge today
FIND OUT
banner banner
Advertise with us
Discover unique access and impact with TG custom content
SHOW ME

 

 

POWERED BY READYSPACE
The Techgoondu website is powered by and managed by Readyspace Web Hosting.

TechgoonduTechgoondu
© 2024 Goondu Media Pte Ltd. All Rights Reserved | Privacy | Terms of Use | Advertise | About Us | Contact
Follow Us!
Never miss anything again. Get the latest news and analysis in your inbox.

Zero spam, Unsubscribe at any time.
 

Loading Comments...
 

    Welcome Back!

    Sign in to your account

    Username or Email Address
    Password

    Lost your password?