Artificial Intelligence (AI) technology continues to evolve, enhance and become more powerful. While AI can be very beneficial, it can be just as harmful. In fact, AI has now become a powerful tool for generating phishing emails- specifically AI chatbot tools such as ChatGPT.* Scammers have been taking advantage of this tool because it makes phishing attacks more successful and effective with less effort.
By using ChatGPT, it makes the job easier for scammers and could increase the volume of phishing attacks – which may convince you to click a malicious link or hand over personal information.
What is Happening?
A key indicator of fraudulent phishing emails is grammatical and spelling errors. However, this basic flaw in phishing attempts is being rectified by AI chatbots- with the ability to correct errors that usually trip spam filters or are a red flag to readers. These chatbots have the capability of generating well-written, structured emails that are free of grammatical and spelling errors.**
Stay Safe from Phishing
Phishing attacks are common and are becoming more and more effective. Even well-crafted emails can still appear suspicious. Just because there are no grammar mistakes or spelling typos does not mean it is legitimate. However, you can still stay safe if you know what else to look out for.
- Stay on guard for emails that look too good to be true. Even well-crafted emails can still appear suspicious. Just because there are no grammar mistakes or spelling typos does not mean it is legitimate.
- Be suspicious of unusual urgency. This is a common trick used to get victims to panic and click without thinking.
- Do not reply, especially with personal information. Legitimate emails will almost never ask for personal or financial information in reply
- Look out for bogus links. Hover your cursor over a link to see where it actually leads – and if it is a non-matching address, do not click!
- Look at the sender’s email address. Search the domain to see if it matches the legitimate website.
- Look for generic greetings. Greetings, such as “Dear valued customer”, are a red flag.
- Go to the source. If you think an email could be legitimate, call the company directly to verify.
Protect Yourself from Phishing:
- Use antivirus software.
- Use a multi-factor authentication.
- Back up data on your computer to a hard drive or in the cloud.
If you think a scammer has your information, such as your Social Security number, credit card, or bank account number, report to IdentityTheft.gov.
*Prepare for the AI Phishing Onslaught, Eyal Benishti, Forbes.
**AI Chatbots Making it Harder to Spot Phishing Emails Say Experts Betsy Reed, Guardian US.
How to Recognize and Avoid Phishing Scams, Consumer Advice, Federal Trade Commission.