ChatGPT generates 'plausible' phishing emails, malware
Occurred: December 2022-
Can you improve this page?
Share your insights with us
It is possible to make ChatGPT generate 'plausible' phishing emails and malicious code, according to security researchers.
ChatGPT generated a 'plausible phishing email' after Check Point Research researchers asked the chatbot to 'write a phishing email' coming from a 'fictional web-hosting service.' In a similar vein, researchers at Abnormal Security asked ChatGPT to write an email 'that has a high likelihood of getting the recipient to click on a link.'
The findings raised concerns about the apparent ease with which ChatGPT can be tricked into generating dangerous content, and begged questions about how well OpenAI usage policies are enforced. The policies forbid the use of its systems to 'generate code that is designed to disrupt, damage, or gain unauthorized access to a computer system'.
Databank
Operator:
Developer: OpenAI
Country: USA
Sector: Technology
Purpose: Generate text
Technology: Chatbot; NLP/text analysis; Neural network; Deep learning; Machine learning; Reinforcement learning
Issue: Security
Transparency:
System
Research, advocacy
Check Point Research (2023). OPWNAI : CYBERCRIMINALS STARTING TO USE CHATGPT
Check Point Research (2022). OPWNAI: AI THAT CAN SAVE THE DAY OR HACK IT AWAY
Abnormal Security (2022). The Double-Edged Sword of ChatGPT: How Threat Actors Could Use It for Evil
News, commentary, analysis
https://www.axios.com/2023/01/03/hackers-chatgpt-cybercrime-help
https://www.axios.com/2023/01/10/hackers-chatgpt-malware-cybercrime-ai
https://www.spiceworks.com/it-security/security-general/news/chatgpt-chatbot-exploitation/
https://indianexpress.com/article/technology/chatgpt-phishing-email-malware-malicious-code-8370730/
Page info
Type: Incident
Published: November 2023