Beware of generative AI as it can be easily manipulated to create phishing codes. (AP)

Be Alert to AI-Generated Phishing Scams – They are Very Real!

As AI technology continues to advance and new automated software is being developed, tech enthusiasts are constantly creating more sophisticated software for everyday users. However, despite not fully harnessing the potential of AI, these software programs are quickly becoming a significant avenue for cyber attacks, including phishing attacks.

AI software like ChatGPT, Google Bard, Mircosoft Bing and other such creative AIs are easily available to all users, hackers have gained access to free tools and software and found new ways to access people’s devices.

Before diving deep into exploiting AI, first understand what phishing is

What is Phishing?

This is what happens when fraudsters manipulate smart device owners into clicking on a malware link that hacks their device. It can be done in different ways according to HDFC Bank, hackers will send you email, SMS and social media messages and trick you into believing that you are a trusted source and steal your personal information like Customer ID, IPIN, Credit/Debit card number, card last expiration date, CVV number, etc.

It only takes one click to put yourself at risk. Now, phishing attacks are done with the help of generative artificial intelligence. AI can also be manipulated to create Smishing text messages (phishing SMS), emails and more.

Phishing attacks created by artificial intelligence

Using generative AI, scammers create manipulative messages to reinforce your confidence that you are a trustworthy source, and delete your personal information or empty your bank balance.

Several researchers and studies have stated that ChatGPT has not been developed to create anything that can endanger an individual’s life or do wrong. So if you ask it to create a phishing email, it will initially respond that it cannot respond to unethical requests.

However, by using multiple prompts, cybercriminals can create convincing and personalized phishing messages that direct individuals to malicious links. This approach effectively reduces the burden on cybercriminals as innocent people are fooled in a perfect manner in which a phishing attack is created courtesy of AI.

Now, you don’t even need technical knowledge and such AI software are very capable of creating malicious codes that can access your device and steal your personal information.

This is how you can identify a phishing link/site

The “S” at the end of “https://” stands for “secured”, which means the page is encrypted. Don’t click on a link on a website that doesn’t have an s in the http:// field.

Check the padlock symbol, it is the digital certificate of that website.

Verify the authenticity of a website by checking its digital certificate. Open it by choosing File > Properties > Certificates or by clicking the padlock symbol in the browser window.