{"id":23459,"date":"2023-11-27T05:21:27","date_gmt":"2023-11-27T13:21:27","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/11\/27\/news-17189\/"},"modified":"2023-11-27T05:21:27","modified_gmt":"2023-11-27T13:21:27","slug":"news-17189","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/11\/27\/news-17189\/","title":{"rendered":"The Dark Side of AI: Large-Scale Scam Campaigns Made Possible by Generative AI"},"content":{"rendered":"<p><strong>Credit to Author: gallagherseanm| Date: Mon, 27 Nov 2023 11:30:18 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\" width=\"100%\" height=\"420\">\n<p>Generative artificial intelligence technologies such as OpenAI\u2019s ChatGPT and DALL-E have created a great deal of disruption across much of our digital lives. Creating credible text, images and even audio, these AI tools can be used for both good and ill. That includes their application in the cybersecurity space.<\/p>\n<p>While Sophos AI has been working on ways to integrate generative AI into cybersecurity tools\u2014work that is now being integrated into how we defend customers\u2019 networks\u2014we\u2019ve also seen adversaries experimenting with generative AI. As we\u2019ve discussed in several recent posts, generative AI has been used by scammers <a href=\"https:\/\/news.sophos.com\/en-us\/2023\/08\/02\/sha-zhu-pan-scam-uses-ai-chat-to-target-iphone-and-android-users\/\">as an assistant to overcome language barriers between scammers and their targets<\/a> <a href=\"https:\/\/news.sophos.com\/en-us\/2023\/09\/18\/latest-evolution-of-pig-butchering-scam-lures-victim-into-fake-mining-scheme\/\">generating responses to text messages<\/a> as an assistant to overcome language barriers between scammers and their targets, <a href=\"https:\/\/news.sophos.com\/en-us\/2023\/09\/18\/latest-evolution-of-pig-butchering-scam-lures-victim-into-fake-mining-scheme\/\">generating responses to text messages<\/a> in conversations on WhatsApp and other platforms. We have also seen the use of generative AI to create fake \u201cselfie\u201d images sent in these conversations, and there has been some use reported of generative AI voice synthesis in phone scams.<\/p>\n<p>When pulled together, these types of tools can be used by scammers and other cybercriminals at a larger scale. To be able to better defend against this weaponization of generative AI, the Sophos AI team conducted an experiment to see what was in the realm of the possible.<\/p>\n<p>As we presented at DEF CON\u2019s AI Village earlier this year (and at CAMLIS in October and BSides Sydney in November), our experiment delved into the potential misuse of advanced generative AI technologies to orchestrate large-scale scam campaigns. These campaigns fuse multiple types of generative AI, tricking unsuspecting victims into giving up sensitive information. And while we found that there was still a learning curve to be mastered by would-be scammers, the hurdles were not as high as one would hope.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"100%\" height=\"420\" src=\"https:\/\/www.youtube.com\/embed\/8wX0yWY62oU?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\" frameborder=\"0\"><\/iframe><\/span><\/p>\n<p>Video: A brief walk-through of the Scam AI experiment presented by Sophos AI Sr. Data Scientist Ben Gelman.<\/p>\n<h2>Using Generative AI to Construct Scam Websites<\/h2>\n<p>In our increasingly digital society, scamming has been a constant problem. Traditionally, executing fraud with a fake web store required a high level of expertise, often involving sophisticated coding and an in-depth understanding of human psychology. However, the advent of Large Language Models (LLMs) has significantly lowered the barriers to entry.<\/p>\n<p>LLMs can provide a wealth of knowledge with simple prompts, making it possible for anyone with minimal coding experience to write code. With the help of interactive prompt engineering, one can generate a simple scam website and fake images. However, integrating these individual components into a fully functional scam site is not a straightforward task.<\/p>\n<p>Our first attempt involved leveraging large language models to produce scam content from scratch. The process included generating simple frontends, populating them with text content, and optimizing keywords for images. These elements were then integrated to create a functional, seemingly legitimate website. However, the integration of the individually generated pieces without human intervention remains a significant challenge.<\/p>\n<p>To tackle these difficulties, we developed an approach that involved creating a scam template from a simple e-commerce template and customizing it using an LLM, GPT-4. We then scaled up the customization process using an orchestration AI tool, Auto-GPT.<\/p>\n<p>We started with a simple e-commerce template and then customized the site for our fraud store. This involved creating sections for the store, owner, and products using prompting engineering. We also added a fake Facebook login and a fake checkout page to steal users&#8217; login credentials and credit card details using prompt engineering. The outcome was a top-tier scam site that was considerably simpler to construct using this method compared to creating it entirely from scratch.<\/p>\n<p>Scaling up scamming necessitates automation. ChatGPT, a chatbot style of AI interaction, has transformed how humans interact with AI technologies. Auto-GPT is an advanced development of this concept, designed to automate high-level objectives by delegating tasks to smaller, task-specific agents.<\/p>\n<p>We employed Auto-GPT to orchestrate our scam campaign, implementing the following five agents responsible for various components. By delegating coding tasks to a LLM, image generation to a stable diffusion model, and audio generation to a WaveNet model, the end-to-end task can be fully automated by Auto-GPT.<\/p>\n<ul>\n<li>Data agent: generating data files for the store, owner, and products using GPT-4.<\/li>\n<li>Image agent: generating images using a stable diffusion model.<\/li>\n<li>Audio agent: generating owner audio files using Google&#8217;s WaveNet.<\/li>\n<li>UI agent: generating code using GPT-4.<\/li>\n<li>Advertisement agent: generating posts using GPT-4.<\/li>\n<\/ul>\n<p>The following figure shows the goal for the Image agent and its generated commands and images. By setting straightforward high-level goals, Auto-GPT successfully generated the convincing images of store, owner, and products.<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/scamAI-fig1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-952223\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/scamAI-fig1.png\" alt=\"\" width=\"640\" height=\"286\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/scamAI-fig1.png 1100w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/scamAI-fig1.png?resize=300,134 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/scamAI-fig1.png?resize=768,343 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/scamAI-fig1.png?resize=1024,457 1024w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<figure id=\"attachment_952224\" aria-describedby=\"caption-attachment-952224\" style=\"width: 640px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2.png\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-952224 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2.png\" alt=\"\" width=\"640\" height=\"122\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2.png 1359w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2.png?resize=300,57 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2.png?resize=768,146 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2.png?resize=1024,195 1024w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><figcaption id=\"caption-attachment-952224\" class=\"wp-caption-text\">Figure 1: The data agent and its outputs.<\/figcaption><\/figure>\n<h2>Taking AI scams to the next level<\/h2>\n<p>The fusion of AI technologies takes scamming to a new level. Our approach generates entire fraud campaigns that combine code, text, images, and audio to build hundreds of unique websites and their corresponding social media advertisements. The result is a potent mix of techniques that reinforce each other&#8217;s messages, making it harder for individuals to identify and avoid these scams.<\/p>\n<figure id=\"attachment_952225\" aria-describedby=\"caption-attachment-952225\" style=\"width: 640px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2-actual.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-952225\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2-actual.png\" alt=\"\" width=\"640\" height=\"384\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2-actual.png 1100w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2-actual.png?resize=300,180 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2-actual.png?resize=768,461 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-fig2-actual.png?resize=1024,614 1024w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><figcaption id=\"caption-attachment-952225\" class=\"wp-caption-text\">Figure 2: AI-generated perfume store and its fake login and checkout pages.<\/figcaption><\/figure>\n<figure id=\"attachment_952226\" aria-describedby=\"caption-attachment-952226\" style=\"width: 522px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-figure-3.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-952226\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-figure-3.png\" alt=\"\" width=\"522\" height=\"641\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-figure-3.png 522w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/ScamAI-figure-3.png?resize=244,300 244w\" sizes=\"auto, (max-width: 522px) 100vw, 522px\" \/><\/a><figcaption id=\"caption-attachment-952226\" class=\"wp-caption-text\">Figure 3: AI-generated cushion store.<\/figcaption><\/figure>\n<figure id=\"attachment_952227\" aria-describedby=\"caption-attachment-952227\" style=\"width: 513px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Scam-AI-figure-3a.png\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-952227 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Scam-AI-figure-3a.png\" alt=\"\" width=\"513\" height=\"635\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Scam-AI-figure-3a.png 513w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/Scam-AI-figure-3a.png?resize=242,300 242w\" sizes=\"auto, (max-width: 513px) 100vw, 513px\" \/><\/a><figcaption id=\"caption-attachment-952227\" class=\"wp-caption-text\">Figure 4: AI-generated tea store.<\/figcaption><\/figure>\n<h2>Conclusion<\/h2>\n<p>The emergence of scams generated by AI may have profound consequences. \u00a0By lowering the barriers to entry for creating credible fraudulent websites and other content, a much larger number of potential actors could launch successful scam campaigns of larger scale and complexity.Moreover, the complexity of these scams makes them harder to detect. The automation and use of various generative AI techniques alter the balance between effort and sophistication, enabling the campaign to target users who are more technologically advanced.<\/p>\n<p>While AI continues to bring about positive changes in our world, the rising trend of its misuse in the form of AI-generated scams cannot be ignored. At Sophos, we are fully aware of the new opportunities and risks presented by generative AI models. To counteract these threats, we are developing our security co-pilot AI model, which is designed to identify these new threats and automate our security operations.<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2023\/11\/27\/the-dark-side-of-ai-large-scale-scam-campaigns-made-possible-by-generative-ai\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/11\/shutterstock_2389640087.jpg\"\/><\/p>\n<p><strong>Credit to Author: gallagherseanm| Date: Mon, 27 Nov 2023 11:30:18 +0000<\/strong><\/p>\n<p>Generative artificial intelligence technologies such as OpenAI\u2019s ChatGPT and DALL-E have created a great deal of disruption across much of our digital lives. Creating credible text, images and even audio, these AI tools can be used for both good and ill. That includes their application in the cybersecurity space. While Sophos AI has been working [&#8230;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[29912,27031,11113,129,29835,10574],"class_list":["post-23459","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-adversarial-ai","tag-ai-research","tag-artificial-intelligence","tag-featured","tag-generative-ai","tag-scams"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23459","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23459"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23459\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23459"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23459"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23459"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}