We want to bring your attention to some important information regarding ChatGPT. It an AI tool for writing that has gained significant popularity since its launch. While ChatGPT can be a helpful tool, it’s crucial to be aware of its potential risks in cyber threats, such as phishing and malware development.
The federal government recently issued an advisory warning to ensure online safety of ChatGPT users, and we’re here to provide guidelines to protect yourself. Explore now.
Malicious Capabilities of ChatGPT
1. Malware generation: Malicious actors are already exploring using ChatGPT to create harmful software known as malware. This poses a real threat to your digital security.
2. Phishing emails: ChatGPT can generate highly convincing phishing and spear-phishing emails, making it easier for them to bypass spam filters and deceive unsuspecting users.
3. Scam websites: With ChatGPT, even less-skilled threat actors can effortlessly create malicious websites, including fake e-commerce sites or landing pages designed to steal personal information.
4. Disinformation campaigns: ChatGPT can generate large volumes of fake news stories and social media posts that appear highly convincing, contributing to the spread of disinformation online.
Guidelines and Preventive Measures
To safeguard yourself against these risks, we strongly recommend following these preventive measures:
1. Prevention Against Phishing Emails
- Avoid opening unknown or suspicious emails, links, and attachments.
- Scan all attachments, including those from trusted sources, with reliable antivirus software before opening them.
- Keep your operating system and software applications up to date.
- Use reputable antivirus/antimalware software on all your devices.
- Avoid using personal accounts on official devices.
- Enable Multi-Factor Authentication (MFA) whenever possible.
- Never share personal details and credentials with unauthorized or suspicious users, websites, or applications.
- Type URLs directly into your browser instead of clicking on links.
- Always ensure websites use HTTPS and avoid visiting non-secure HTTP websites.
2. Anti-masquerading guidelines
(For administrators)
- Implement system hardening measures at the OS, BIOS, and application levels to restrict incoming traffic and user permissions.
- Block unauthorized storage media (e.g., USBs) through system hardening.
- Regularly format removable media to prevent the spread of malware.
- Monitor network activity and employ security solutions such as Anti Malware, Antivirus, Firewalls, IPS, IDS, and SIEM.
- Separate offline LAN and online networks using different servers or routing.
- Provide internet access to specific users on a need basis and restrict data usage and application rights.
- Verify software and documents through digital code-signing techniques before downloading.
- Implement MFA in critical systems, including mailing system administrator controls.
- Regularly back up critical data.
- Change passwords regularly at the administrator level.
- Keep all OS, applications, and technical equipment up to date.
- Use an account with standard user privileges to reduce the attack surface for malicious code execution.
(For end-users)
- Always verify trusted users who send you emails or attachments through secondary means (e.g., call, SMS, verbal communication) before downloading.
- Report any suspicious activity to your administrator immediately.
- Avoid storing critical data on online systems and use standalone systems instead.
3. Guidelines for ChatGPT users
- Be mindful of the information you share while using ChatGPT. Avoid sharing sensitive or confidential information like passwords, financial details, or personal information.
- Exercise caution with links and attachments provided by ChatGPT. Always verify the source before clicking on them, and be wary of suspicious or unknown sources.
- Do not use ChatGPT on official phones.
4. Reporting security issues
If you encounter a security issue while using ChatGPT, please report it immediately to OpenAI for appropriate action.
Prevention Against Disinformation Campaigns
All government departments should take the following actions as preventive measures:
- Regularly organize awareness campaigns and training sessions.
- Always verify information from multiple sources to ensure accuracy and avoid spreading false or misleading content.
By following these guidelines, you can help protect yourself and others from potential cyber threats associated with ChatGPT. Stay safe and enjoy the benefits of this AI tool responsibly!
However, work smartly with ChatGPT and use these Golden ChatGPT Prompts.
