Check Point researchers have recently highlighted the increased risk of cyber attacks associated with newly registered Open AI and ChatGPT domains. Over the first four months of 2023, researchers tracked 13,296 new domains registered in relation to these innovative technologies, with one in 25 found to be malicious. It appears that cyber criminals have made the most of the trend for ChatGPT, adopting increasingly sophisticated methods to take advantage of vulnerable individuals and target businesses.
The fraudulent nature of many of these domains is clear from the outset, with many employing unsubtle naming conventions such as including “chat-gpt-pc” and “chat-gpt-online-pc” within domain names. Some, such as “chatgpt4beta.com” and “chatgptdetectors.com”, even appear to offer products relating to the technology itself. For instance, Check Point researchers have found examples of landing pages purporting to offer software for detecting ChatGPT prose, which educators have been calling for in recent times.
However, the real concern highlighted by Check Point researchers is the risk of employees unknowingly accessing these fraudulent domains and divulging sensitive corporate data. This risk arises in two main ways. Firstly, malicious domains may offer applications or files that employees can download and that subsequently provide criminals with an initial foothold in the corporate network. Secondly, employees may be duped into believing that fraudulent domains are authentic and then submit sensitive queries containing corporate information.
According to Omer Dembinsky, data group manager at Check Point Software and lead researcher on the report, there are two risks for enterprises, including providing cybercriminals with an initial foothold on the corporate network and submitting queries with sensitive corporate information to fake websites.
To address these risks, Check Point researchers have advised a number of preventative measures, including better phishing awareness among employees and the most basic cyber hygiene practices such as not replying to unknown emails, clicking on links, or opening suspicious attachments. Firms can also adopt anti-phishing strategies such as reporting and deleting suspicious emails and being vigilant around lookalike and fake domains.
However, prevention alone will not necessarily protect companies from the growing levels of cyber threats in the market. There is a need for continuous education and implementation of effective anti-phishing safeguards to reduce the risks posed by the increasing number of malicious domains.
