Article
Operational Security

Research explores consumer susceptibility to ChatGPT scams

By Amber Jackson
September 18, 2023
undefined mins
Survey respondents were asked to review different schemes and express whether they would be susceptible and if they were not, to identify factors that aroused suspicion
Survey respondents were asked to review different schemes and express whether they would be susceptible and if they were not, to identify factors that aroused suspicion
A survey from Beyond Identity underscores the importance of cyber vigilance against AI-powered phishing, app and password threats

Beyond Identity, a leading provider of passwordless, phishing-resistant multi-factor authentication (MFA), has released the findings of its new industry research on the diverse methods hackers are employing to breach systems, steal sensitive information and automate complex processes with the help of generative AI technology.

The company conducted a survey of 1,000+ Americans demonstrating exactly how convincing ChatGPT scams can be, and how consumers and businesses can protect themselves from falling victim to fraudulent messages, unsafe applications and password theft. 

Notably, 39% said they would fall victim to at least one of the phishing messages, 49% would be tricked into downloading a fake ChatGPT app and 13% have already used AI to generate passwords.

More than a third of participants vulnerable to AI scams

Survey respondents were asked to review different schemes and express whether they would be susceptible and if they were not, to identify factors that aroused suspicion. As part of the survey, ChatGPT drafted phishing emails, texts and posts and respondents were asked to identify which were believable. 

Of the 39% that said they would fall victim to at least one of the options, social media post scams (21%) and text message scams (15%) were most common. For those wary of all the messages that they received, the top giveaways were suspicious links, strange requests and unusual amounts of money being requested.

“With adversaries using AI, the level of difficulty for attackers will be markedly reduced. While writing well-crafted phishing emails is a first step, we fully expect hackers to use AI across all phases of the cybersecurity kill chain,” said Jasson Casey, CTO of Beyond Identity. 

“Organisations building apps for their customers or protecting the internal systems used by their workforce and partners will need to take proactive, concrete measures to protect data—such as implementing passwordless, phish-resistant multi-factor authentication (MFA), modern Endpoint Detection and Response (EDR) software and zero trust principles.”

Being aware of ‘bad actors’ who use ChatGPT

Although 93% of respondents had not experienced having their information stolen from an unsafe app in real life, 49% were fooled when trying to identify the real ChatGPT app out of six real but copycat options. 

Interestingly, those who had fallen victim to app fraud in the past were much more likely to do so again, according to Beyond Identity.

The survey also explored how ChatGPT can be leveraged by hackers for social engineering purposes. For instance, ChatGPT can use easy-to-find personal information to generate lists of probable passwords to attempt to breach accounts. This is a problem for the one in four respondents who use personal information in their passwords, like birth dates (35%) or pet names (34%) that can be readily found on social media, business profiles and phone listings. 

While longer passwords with random characters and no personal information may seem like the best way to combat this malicious AI capability, the report is clear with its message: any and all passwords are a critical vulnerability for organisations since bad actors will find other, easier ways into accounts – making, in Beyond Identity’s opinion, passwordless and phish-resistant MFA an absolute necessity.


******

For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Technology Magazine | AI Magazine.

Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.

CYBERCyber AttackDigital TransformationHackscamsChatGPT
Share
Share
Author
Amber Jackson

Featured Articles

World Password Day: 5 Best Practices To Protect Your Data

For World Password Day 2024, Cyber Magazine shares some of the most important strategies for businesses to protect their information from threat actors

Blackberry: The Rise of Gen AI in Cybersecurity Operations

BlackBerry has announced Cylance Assistant, a generative AI tool utilising Amazon Bedrock to enhance cyber threat detection and response capabilities

Keeper: Cutting-Edge Cybersecurity for Williams Racing

Cybersecurity firm Keeper Security has partnered with Williams Racing to provide advanced solutions to protect the Formula 1 team’s critical data

Norton: Report Highlights Rising Trend of AI Dating Scams

Cyber Security

Barracuda: Why Businesses Struggle to Manage Cyber Risk

Cyber Security

Evri, Amazon and Paypal Among Brands Most Used by Scammers

Cyber Security