AI Tool WormGPT Enables Convincing Fake Emails For BEC Attacks
Cyber Security Threat Summary:
New research conducted by security firm SlashNext reveals that cyber-criminals are utilizing a potent tool called WormGPT, a generative AI system, for carrying out business email compromise (BEC) attacks. Security expert Daniel Kelley, observed a worrisome trend in online forums where cyber-criminals are offering “jailbreaks” for interfaces like ChatGPT. These jailbreaks are specialized prompts that aim to exploit ChatGPT by manipulating it to generate outputs involving sensitive information disclosure, inappropriate content generation, or even the execution of harmful code. The emerging practices highlight the increasing difficulties in upholding AI security against persistent cyber-criminals.
Security Officer Comments:
Kelly emphasized the benefits of using AI, like WormGPT, for BEC attacks, including the ability to produce flawless grammar in emails to minimize suspicion. The accessibility of this technology lowers the barrier for entry, enabling cyber-criminals with limited expertise to carryout sophisticated attacks, thus demonstrating its utilization. Timothy Morris, the chief security advisor at Tanium, pointed out that not only do emails appear more persuasive due to their proper grammar, but the ease of creating such emails has significantly reduced the obstacles for potential criminals. Additionally, the ability to overcome language barriers has expanded to pool of potential victims.
Suggested Correction(s):
BEC attacks are harder to defend against than traditional phishing because common indicators like bad domains are not used. Because communications are coming from trusted and expected partners, employees will be more likely to fall victim to attacks.
The only real prevention is to train employees to spot BEC attacks. Employees should understand that every email received could be malicious. If you receive a strange invoice, wire transfer request, or unexpected email from a trusted user, verification via phone is recommended. Never use email communications to verify a payment request, because the account may still be compromised by the threat actor.
Avoid requests that prey on emotions, have a sense of urgency, or just feel off. While emails may be coming from a trusted sender, spelling mistakes and bad grammar seen in normal phishing emails may still be present.
To avoid falling victim to BEC yourself, multifactor authentication is recommended on all email accounts. Users should monitor leak websites and leverage security tools that monitor for stolen or leaked credentials.
Link(s):
https://www.infosecurity-magazine.com/news/wormgpt-fake-emails-bec-attacks/