Skip to main content
School of Electrical Engineering and Computer Science
Denna sida på svenska

Phishing will increase with AI – and so will the likelihood of being scammed

Published Nov 06, 2023

Phishing has been a problem for a long time, both for individuals and businesses. AI and language models like ChatGPT will increase the number of phishing attempts and make them even better.

”Within one to two years, anyone can create personalised scam emails, which will become a significant problem for businesses and individuals. It will be easier to be scammed", says Fredrik Heiding, research assistant at Harvard and PhD student at KTH.

Together with other researchers at Harvard and the Massachusetts Institute of Technology (MIT), Fredrik Heiding has investigated how easy it is to create fake emails using language models . They have also created scam emails by analysing personal information on the internet.

"We have created an automatic tool that goes online and scrapes information. We feed that information into the language model, which then creates a personalised scam email, which makes it even more difficult to trust the material you receive," he says.

The problem will grow

And there is no doubt that scam emails can create significant problems. One of the largest casinos, MGM, in Las Vegas, was recently hacked thanks to a scam email . In addition to disabling machines for two weeks, the hackers obtained personal information from customers, such as social security numbers and passport numbers. The hack is estimated to have cost MGM $100 million.

"We see that this problem will grow even more with AI and language modelling, so we are starting a new study to work with companies to see their concerns. And companies are welcome to contact us,"says Heiding,

Can you protect yourself against attacks created by scam emails?

"It is possible to protect yourself; you can use language models to detect a scam email and use them as a training tool. But this will not solve the whole problem," he says.

Today, almost all training on detecting scam emails with the help of AI is done by companies, and the use for private individuals is small, and being more vigilant only sometimes helps.

"This new technology we haven't had before creates conditions and problems. We don't always know how to handle it".

Some tips to avoid being scammed

  • Think about what you publish online.
  • What do you have that is important? Please take a closer look at it and where it is stored.
  • Does something sound too good to be true? Then it is.
  • Verify that the information is correct by making a phone call.
  • Pause for a second and do a quick check.

Emelie Smedslund 

Related news

KTH Students compete to become the best hackers in the world

535 teams participated in this year's qualifiers for the world's most prominent hacking championship, with only 12 advancing to the finals at the DEF CON conference in Las Vegas. The team includes six...

Read the article

500 000 articles on ethical hacking analysed 

More investment in cybersecurity is needed. This is the conclusion after analysing 500,000 articles on academic databases on ethical hacking. 

Read the article
Joel Gärtner and Kalle Ngo
Joel Gärtner and Kalle Ngo

Researchers found leak in cryptographic algorithm

New and better methods are needed to protect sensitive data from hackers. This is the conclusion KTH researchers made when they managed to break an implementation of CRYSTALS-Kyber, a post quantum cry...

Read the article
News
Belongs to: School of Electrical Engineering and Computer Science
Last changed: Nov 06, 2023