Artificial Intelligence (AI) has become increasingly popular in recent times. Many people have started using AI Chatbots such as ChatGPT or Google Bard. Whilst there is endless possibilities and positive uses for AI Chatbots, it unfortunately brings along new scam threats that are designed to deceive unsuspecting victims.
What are AI Chatbots?
AI Chatbots are computer programs that can chat with humans using text-based messaging. It works by giving you a detailed, human-like response to a simple command or query. It has even been considered a potential successor to the Google search engine.
What sort of things should I be looking out for?
In one recently reported scam, cybercriminals created fake Facebook ads for free downloads of AI products. If a user clicks on one of these ads, they’ll be prompted to download a fake file. Once the file is downloaded, malware will be activated on the device. Cybercriminals can use this malware to steal sensitive information, such as credit card numbers and passwords that can be sold it to other hackers on the dark web, or get access to your online accounts and scam others.
There is also fake ChatGPT apps in circulation with very similar names such as “chatGPT1” which was one app that provided no AI utility but secretly subscribes its target to numerous paid services. There was also another app called “ChatGPT Chat GPT AI With GPT-3″ which charged a weekly subscription fee after an initial trial. The real version of ChatGPT available on the web is completely free to use at this stage.
These are just some examples of recent AI/Chatbot scams, but as it becomes more widely used, we can expect to see more scams surfacing over time. It's important to remember that cybercriminals are always evolving their tactics to exploit vulnerabilities in our security. That's why it's vital to stay vigilant and practice good cyber security habits.
Tips to stay safe from similar scams
- Cybercriminals can buy ads anywhere. So, always think before you click.
- Only download files from trusted sources, such as the official AI website. Be careful of ads that prompt you to click links instead of visiting official websites.
- Always verify the sender's email address of any suspicious emails you receive.
- If you receive anything suspicious, you can also do an internet search for the company name and the message in question. If it’s real and valid, you might find more information about it on the company’s website. If it is fake, you might find news reports about the scam or no information at all.
- Make sure your device’s and computer’s security software, operating system, and Internet browser, are up to date.
- Regularly backup your important files in case of a malware attack.
- Before you click an ad or link, hover your mouse over it to view the related link. Make sure that the link leads to a legitimate, safe website that corresponds with the content in the ad. Sometimes a link may be very long with a bunch of random letters and numbers, this can be an indicator that a link is not legitimate. Example below.
What to do if you've been scammed
If you have lost money to a scam, please notify your financial institution as soon as possible.
Australian Mutual Bank members can speak to our Fraud Team by calling 13 61 91 or by emailing info@australianmutual.bank.
If you have given personal information to a scammer, contact IDCARE.
For more advice on how to avoid scams and what to do if you or someone you know is a victim of a scam, see our Security Advice section or visit the Scamwatch website at www.scamwatch.gov.au.
Sources:
https://blog.knowbe4.com/ai-hype-used-for-phishbait
https://www.militaryconsumer.gov/blog/ads-fake-ai-and-other-software-spread-malicious-software
https://mashable.com/article/hackers-chatgpt-phishing-malware-domain-scams
