Tips to protect yourself from AI-driven cyber scams
Artificial intelligence (AI) — from predictive text and autocorrect to ChatGPT and AI-powered health and fitness apps — has seamlessly infiltrated nearly every facet of our lives.
Enhanced AI can have a positive impact on our lives, but it also is instrumental in increasingly intelligent cyber threats.
AI not only expedites the creation of malicious activity but also widens the opportunity to develop harmful software.
You no longer need specialised knowledge to construct malware — ‘regular’ people can create it by asking a chat generator to do so.
This means someone with very little coding knowledge can produce malicious code that can carry out data theft, impersonation, ransomware and even identity theft.”
Campbell adds, “AI is being used to develop custom malware for targets. Through some basic research, the attacker can gather a good idea of the target’s internal environment. Then, the attacker could use AI to tailor the malware.”
Navigating the new cyber landscape
The rapid evolution of sophisticated cybercrimes can make it daunting to stay safe online .
Four security tips:
- Think before you click.
You likely already know to be mindful when opening email links. Now, the threat has extended to text messages. Simply put, if you do not recognise the sender, do not click the link.
“We need to remember our phones are also computers. All it takes is one click on a “bad” link to download malware to your computer or mobile device.”
- Trust your gut and always verify the sender
AI can craft emails and text messages that appear to come from someone the target knows by analysing publicly available data from social media, websites or previous breaches. This increases the likelihood of victims falling for the scam.
“Always approach unsolicited emails, messages and requests for personal information with skepticism — even if they appear to be from trusted sources. Trust your gut if you get an email from someone and it seems weird — spelling mistakes and odd formatting are usually strong indicators. Pick up the phone (do not send an email) and verify if the company or individual did send that email. You should also verify the email address. Attackers will sometimes change their email so it is almost exactly the same as the person or organisation they are trying to be.”
When it comes to your phone, if you receive a text or call from an unknown number, do your due diligence and remain cautious.
- Keep your software updated.
AI can identify vulnerable devices by scanning for specific software versions, device models or security vulnerabilities.
“To keep your devices safe, ensure your hardware, software and apps are always updated to secure vulnerabilities malware may exploit.”
- Stay informed about the latest cyber security risks.
While hardware and software solutions are created to detect and prevent attacks, unknowingly clicking on a harmful link will bypass these defences. That is why user education is critical. — sait.ca