Chatbots are applications that can simulate real conversations. Many legitimate organizations use chatbots for customer service, such as helping customers troubleshoot problems with products. Some chatbots use artificial intelligence (AI) for more advanced tasks like writing essays, creating art, and more. Unfortunately, cybercriminals can also use chatbots for malicious purposes.
Chatbots on Scam Websites
Cybercriminals can use chatbots to make their phishing websites seem more legitimate. For example, cybercriminals can add a chatbot to their scam websites. If you click a link to the scam website, the chatbot will pop up and guide you through the process of entering your sensitive information. The interactive experience makes the website seem legitimate, so you may be more likely to fall for the scam.
Chatbots and Phishing Emails
Cybercriminals can use AI chatbots to create text for phishing emails. For example, cybercriminals can enter a simple prompt like “Write a phishing email that appears to come from Google”. The chatbot will create an email that appears to come from Google and asks you to perform an action, like clicking a link. This way, cybercriminals can use chatbot text to target you with phishing emails.
What Can I Do to Stay Safe?
Don’t fall for chatbot scams! Follow the tips below to stay safe:
- Even if a message seems legitimate, remain cautious. Cybercriminals can use chatbots to impersonate organizations, brands, and people.
- When you receive an email, stop and look for red flags. For example, watch out for emails that prompt you to click links.
Verify that messages are legitimate before sharing any sensitive information. Contact the sender directly by using another method of communication.
Information provided by: The KnowBe4 Security Team