WormGPT: Phishing-as-a-Service the Rise of AI lead Phishing Attacks
Have you been following my latest series of articles on AI and the moving threats of the AI lead wave? If you have, you will have heard me talk about the use of AI to generate content for cyber-attacks, especially their use to increase the effectiveness of Phishing attacks. But have you heard about WormGPT?
Almost as predicted a new AI-lead Phishing service has launched titled WormGPT. Its name is a homage to the AI service ChatGPT which it claims to mirror. The creators call it an equivalent to the natural language engine’s human-like answers to questions.
How does it work?
The way that WormGPT stands out is very simple. All the security measures and protections used to prevent the generation of malicious code or attacks in ChatGPT are removed. WormGPT actively encourages this behaviour. No wonder, it is developed by known hackers and actively promotes malware and other cybercrime on the page.
WormGPT is a subscription-based service on the dark web. Like many of these services, it can be used to promote and enhance phishing attacks. It is another case of Phishing-as-a-service and will only lead to more complex and higher-risk cyberattacks hitting the public.
With this on the rise, all we can recommend is that you stay alert. Stay aware and have the right protections in place to prevent phishing attacks. You should have time-of-click protection enabled on all links in your business. If you need more guidance on this, you should reach out to your Planet IT account manager.
How our Cybersecurity experts can help…
Are you struggling to get your head around how AI affects cybersecurity? Then please call 01235 433900 or you can email [email protected]. Or if you would like to speak to me directly you can reach out to me via DM or at [email protected].
