The Weekly Breach Breakdown: As the Worm Turns – WormGPT Creates Compelling Phishing Emails

• Identity criminals are using the black hat tool WormGPT to create phishing emails and steal people’s personal information. It features unlimited character support, chat memory retention, exceptional grammar, lowered entry threshold and code-formatting capabilities.
• A new study by SoSafe found that AI bots can write better phishing emails than humans. Seventy-eight (78) percent of these emails are opened by humans. Of those, 21 percent click on potentially malicious links.
• To avoid a phishing email, be cautious when opening emails from unknown sources, avoid clicking on suspicious links or attachments and regularly update security software.
• To learn about the latest data compromises, consumers and businesses should visit the Identity Theft Resource Center’s (ITRC) data breach tracking tool, notified.
• If you believe you are the victim of an identity crime, contact the ITRC. Call toll-free at 888.400.5530 or live chat on the company website, idtheftcenter.org.

As the Worm Turns

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for July 21, 2023. Thanks to Sentilink for their support of the podcast and the ITRC. Each week, we look at the most recent events and trends related to data security and privacy. This week, we look at WormGPT, a black hat tool that creates compelling phishing emails to lure victims into giving away their personal information. This AI tool takes the stage, and this time, it’s not very user-friendly.

We’re all familiar with one of the most popular movie franchises of all time: Terminator. We won’t beleaguer the details of the movie and its many sequels. Instead, we will focus on the antagonist, Skynet. A sentient AI that built its own army of deadly robots in order to end humanity. ChatGPT and other positive generative AI tools have caught popular attention in the real world. However, now comes the flip side of AI for good. Ladies and Gentlemen, meet ChatGPT’s evil twin.

WormGPT Being Used to Create Phishing Emails

As mentioned above, WormGPT is a black hat tool that creates phishing emails. You may think, “Well, that can’t be legal,” and you’d be right, at least partially. WormGPT has no restrictions on its use for illegal activities. Its features are impressive, with unlimited character support, chat memory retention, exceptional grammar, lowered entry threshold and code-formatting capabilities.

AI Bots Can Write Better Phishing Emails Than Humans

A recent study conducted by cybersecurity firm SoSafe found that AI bots can write better phishing emails than humans. These emails are almost unrecognizable at first glance and are opened by 78 percent of recipients. Of those, 21 percent click on potentially malicious content, such as links or attachments.

Potential Impacts of WormGPT Include Financial Losses

WormGPT’s potential impact on cybersecurity is unprecedented. Its ability to generate persuasive and strategically cunning emails will take personalization to a new level, making these attacks even more dangerous. This will inevitably lead to significant financial losses for individuals and businesses alike.

How You Can Protect Yourself

We must stay vigilant and take precautions to protect ourselves and our businesses from such attacks. This includes being cautious when opening emails from unknown sources, avoiding clicking on suspicious links or attachments and regularly updating security software.

The ITRC is an excellent resource for learning about AI tools, phishing and identity theft prevention. We offer tips and advice on creating strong passwords, securing your accounts and protecting your personal information online.

Contact the ITRC

If you want to know more about how to protect your business or personal information, or if you think you have been the victim of an identity crime, you can speak with an expert ITRC advisor on the phone, chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). Just visit www.idtheftcenter.org to get started.

Thanks again to Sentilink for their support of the ITRC and this podcast. If you have not done so, check out last week’s podcast on our H1 2023 Data Breach Analysis. We will return next week with another episode of the Weekly Breach Breakdown.