Threat actors have now come up with another AI-powered cybercrime tool called FraudGPT.
This AI bot is capable of designing spear-phishing emails, generating cracking tools, and facilitating carding activities promoted in the dark web.
The authors claim that FraudGPT can be used to write malicious code, develop undetectable malware, and identify leaks and vulnerabilities.
The threat actor, who operates under the online alias CanadianKingpin, is promoting themselves as a verified vendor on several underground dark web marketplaces, including EMPIRE, WHM, TORREZ, WORLD, ALPHABAY, and VERSUS.
They have been advertising their offering with a subscription cost of $200 per month, $1,000 for six months, and $1,700 for a year.
There have been over 3,000 confirmed sales and reviews of this tool. As of now, the specific Large Language Model (LLM) utilized in the development of this system remains undisclosed.
The use of generative AI in these attacks broadens their accessibility to a wider range of cybercriminals. The existence of various GPT raises concerns, especially since AI models such as OpenAI ChatGPT and Google Bard have been taking measures to prevent their misuse in deceptive emails and malicious code.
FraudGPT generates realistic and convincing texts by using several techniques and strategies. Some of these techniques and strategies are:
Personalization: It can personalize the texts to match the profile and preferences of the target. For example, it can use the target’s name, location, interests, or other personal details to make the texts more relevant and appealing.
Emotional manipulation: FraudGPT can manipulate the emotions of the target to influence their behavior. For example, it can use fear, urgency, curiosity, greed, guilt, or sympathy to create a sense of pressure, opportunity, or obligation for the target.
Social engineering: It can engineer the social situation to exploit the trust and credibility of the target. For example, it can use authority, reciprocity, consensus, or scarcity to create a perception of legitimacy, fairness, popularity, or exclusivity for the text.
FraudGPT is based on GPT-3, a powerful natural language processing system that can produce coherent and fluent texts on any given prompt. In this this article is to provide a comprehensive overview of FraudGPT
The rise of AI-powered cybercrime tools necessitates a proactive approach from organizations to safeguard their data, systems, and customers. By implementing robust security measures and staying vigilant against evolving threats, businesses can strengthen their resilience against AI-driven attacks and protect themselves from potential financial and reputational damages.