Protect Your Personal Data
At this point, you’ve likely heard of the viral AI sensation ChatGPT. It’s a chatbox with a variety of uses, including answering questions, creating trip itineraries, developing emails, etc. Some companies have even invested in their own versions for employees to use for job related responsibilities. While these versions of ChatGPT are regulated with safeguards to prevent malicious use, a new AI model has been unleashed specifically designed to generate malicious content.
According to SlashNext’s article on this matter, WormGPT, the malicious AI module based on the GPTJ language model, boasts a range of features, including unlimited character support, chat memory retention, and code formatting capabilities. SlashNext conducted tests centered around Business Email Compromise (BEC) attacks, and the results were jarring. WormGPT was able to create convincing, even persuasive, emails for phishing attacks. This AI is able to create content with exceptional grammar, meaning phishing attacks are becoming harder to spot. The accessibility of this tool enables its use with a larger range of attackers, including cybercriminals with limited technology & coding abilities.
Now more than ever it’s crucial to be vigilant in protecting your personal data in this new era of cyberattacks. SlashNext recommends the following precautions:
- BEC-Specific Training: Companies should develop extensive, regularly updated training programs aimed at countering BEC attacks, especially those enhanced by AI. Such programs should educate employees on the nature of BEC threats, how AI is used to augment them, and the tactics employed by attackers. This training should also be incorporated as a continuous aspect of employee professional development.
- Enhanced Email Verification Measures: To fortify against AI-driven BEC attacks, organizations should enforce stringent email verification processes. These include implementing systems that automatically alert when emails originating outside the organization impersonate internal executives or vendors, and using email systems that flag messages containing specific keywords linked to BEC attacks like “urgent”, “sensitive”, or “wire transfer”. Such measures ensure that potentially malicious emails are subjected to thorough examination before any action is taken.
Coca-Cola Credit Union is dedicated to our members safety. If there are any questions about account activity, suspicious emails, or requests for information please contact creditunion@coca-cola.com or call 877-277-2586 to speak with a representative.