The Weekly breach Breakdown Podcast by ITRC - As the Worm Turns - S4E19

Show Transcript

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for July 21, 2023. Thanks to Sentilink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we look at WormGPT, a black hat tool that creates compelling phishing emails to lure victims into giving away their personal information. This AI tool takes the stage, and this time, it’s not very user-friendly.

We’re all familiar with one of the most popular movie franchises of all time: Terminator. We won’t beleaguer the details of the movie and its many sequels. Instead, we will focus on the antagonist, Skynet. A sentient AI that built its own army of deadly robots in order to end humanity. ChatGPT and other positive generative AI tools have caught popular attention in the real world. However, now comes the flip side of AI for good. Ladies and Gentlemen, meet ChatGPT’s evil twin.

WormGPT Being Used to Create Phishing Emails

As mentioned above, WormGPT is a black hat tool that creates phishing emails. You may think, “Well, that can’t be legal,” and you’d be right, at least partially. WormGPT has no restrictions on its use for illegal activities. Its features are impressive, with unlimited character support, chat memory retention, exceptional grammar, lowered entry threshold and code-formatting capabilities.

AI Bots Can Write Better Phishing Emails Than Humans

A recent study conducted by cybersecurity firm SoSafe found that AI bots can write better phishing emails than humans. These emails are almost unrecognizable at first glance and are opened by 78 percent of recipients. Of those, 21 percent click on potentially malicious content, such as links or attachments.

Potential Impacts of WormGPT Include Financial Losses

WormGPT’s potential impact on cybersecurity is unprecedented. Its ability to generate persuasive and strategically cunning emails will take personalization to a new level, making these attacks even more dangerous. This will inevitably lead to significant financial losses for individuals and businesses alike.

How You Can Protect Yourself

We must stay vigilant and take precautions to protect ourselves and our businesses from such attacks. This includes being cautious when opening emails from unknown sources, avoiding clicking on suspicious links or attachments and regularly updating security software.

The ITRC is an excellent resource for learning about AI tools, phishing and identity theft prevention. We offer tips and advice on creating strong passwords, securing your accounts and protecting your personal information online.

Contact the ITRC

If you want to know more about how to protect your business or personal information, or if you think you have been the victim of an identity crime, you can speak with an expert ITRC advisor on the phone, chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). Just visit www.idtheftcenter.org to get started.

Thanks again to Sentilink for their support of the ITRC and this podcast. If you have not done so, check out last week’s podcast on our H1 2023 Data Breach Analysis. We will return next week with another episode of the Weekly Breach Breakdown.