Panda Security decided to analyze the chatbot prototype, ChatGPTto understand the real risks that users could run.
Is GPT chat dangerous? Panda Security tries to give an answer
Lately there has been a lot of talk about ChatGPT and its great diffusion, but many questions are arising within society: is ChatGPT dangerous for the integrity of people online and offline? Could it be used by cyber criminals to make cyber attacks more effective?
Let’s take a step back and first specify what ChatGPT is.
ChatGPT is a chatbot prototype made by the OpenAI company to hold conversations with humans by training the model to better interact. Thanks to these training sessions, the chatbot provides articulated, pertinent and real answers.
The practical applications of GPT are many:
- custom chatbot;
- automatic translation;
- content creation and analysis;
- production of news and information content;
- text completion and suggestion;
- speech synthesis;
- text comprehension.
In recent months, many have raised doubts about the impact of ChatGPT on computer security, which is why Panda Security has analyzed the program by identifying 3 main dangers:
- E-mail di phishing: ChatGPT could be used to write emails and texts for phishing sites omitting the usual spelling errors that help recognize scam attempts;
- Malicious scripts and malware: When fed with strings of malicious code, ChatGPT is able to replicate and combine them.
- Social engineering: it is possible to ask questions to ChatGPT and obtain information to prepare a spear phishing or social engineering attack against a person.
Furthermore, the cybercriminals wasted no time, creating a campaign on social networks where they create accounts similar to OpenAI officers to push users to download a dummy program as a desktop client for ChatGPT which installs, without the user’s knowledge, a Trojan stealer designed to steal information related to saved accounts on various browsers.
Panda Dome’s advice
To protect yourself from this type of attack, Panda Security recommends a complete security suite such as Panda Dome. Also the company has come up with some conduct advice to protect yourself from risks:
- be wary of e-mails from unknown senders or links that promise easy earnings, prizes or all too benevolent prospects;
- when you are looking for software online, check that the site from which you need to download the program is legitimate;
- download the software from the official websites of the company or service you intend to use;
- work out strong, unique passwords and turn on two-factor authentication.
Leave a Reply
View Comments