



Online scams and phishing scams can seem easy to the tech savvy of us with misspellings, off-brand images, and inappropriate attempts to masquerade as official. You may be convinced that you’ll never fall prey to Prince’s emails promising you millions of unclaimed dollars.

However, with the rise of generative AI technologies such as ChatGPT, Bard and Midjourney, blackhats and fraudsters may have a new set of tools to help them create sophisticated attacks and scams that are harder to detect and stop. there is.

On June 7, an expert panel met in Santa Monica to discuss generative AI platforms and their potential impact on cybersecurity, fraud, copyright and misinformation. The event was held as part of LA Tech Week 2023 and hosted by USC Viterbi-led startup Eydle. Eydle was founded by Birendra Jha, an assistant professor in the Mork Family Department of Chemical Engineering and Materials Science, and his Ashwini Rao, a cybersecurity engineer.

Generative AI has exploded in popularity over the past year, giving users of all levels of experience the ability to input prompts and instantly generate high-level text, photorealistic images, videos, and artwork. I’m here.

But platforms that can create detailed, realistic content in seconds are being used by online fraudsters to create compelling phishing emails, undetectable social media impersonation accounts, or sophisticated fake images. There is also a possibility that it will be. Malicious individuals without coding knowledge can also more easily generate code that can be used or modified in illegal applications.

Jha and Rao’s startup Eydle, also backed through the USC Viterbi Startup Garage, was founded to combat the rise of social media impersonation and phishing scams.

A new breed of sophisticated social media fakes

Rao said the social media platform has seen a 1,800% increase in fraud over the past five years. In the past, fraudulent social his accounts resembling phishing emails were often dismissed due to syntax and grammatical errors. But with the clear text output provided by ChatGPT, that could be a thing of the past. Sharing photorealistically generated images on social media can also be a weapon to deceive users.

“As the saying goes, seeing is believing. Visual fraud is more dangerous because it’s more realistic,” says Rao.

In the past, when fraudsters reused images such as bank logos to impersonate brands, they were often discovered by cybersecurity tools that identify stolen images.

“Many solutions today to catch people impersonating brands like Chase or Bank of America are very deterministic when comparing two different images, requiring nearly every pixel to match. Yes,” Rao said. “Now we can generate logos that are very similar but not exactly the same, so the solution can’t catch it.”

Jha said the scammers could create multiple variations of the actual logo, for example the Bank of America image created below, which is available on social media and the current solution. said to avoid detection by

“Previously, scammers would manually create images by cropping, rotating, or changing the color scheme of the original image in order to evade detection and victimize people.” Mr Jar said. “Now he can have GenAI be their tool. It takes him less than five seconds.”

Jah and Rao said future solutions to combat fraud and fraud should consider the capabilities of generative AI. Jha said generative AI platforms themselves are also potential tools for companies to combat fraud and attacks.

“There are examples of banks already using neural architectures underlying these large-scale language models to detect malicious financial transactions,” Jah said.

Can ChatGPT replace technician jobs?

Rao said there is much debate about whether ChatGPT can eventually replace programmers from a cybersecurity perspective, but the issue is that there is no guarantee that the new AI platform will be able to generate valid code. said to remain. For this reason, Stack Overflow, his popular Q&A tool for developers, recently banned ChatGPT-generated answers due to their high likelihood of being inaccurate. ChatGPT is also susceptible and can be manipulated to create desired output.

“I don’t really trust what ChatGPT or similar tools say about the code they generate,” says Rao. “So if what ChatGPT says is unreliable, how can someone use it for nefarious purposes? How can someone influence the contents of this tool to intentionally inject malicious code into your system Is there any?”

The panel also discussed another issue facing companies wishing to exploit generative AI copyrights. The EU recently proposed new copyright rules for generative AI, which could pose legal challenges for start-ups building products based on the technology. Generative AI platforms are trained by scraping information from vast amounts of potentially copyrighted content, legally blurring the chain of ownership. Rao said this presents a potential copyright liability risk that startups should consider when applying the technology.

“So what does that risk look like for a startup if they’re building on top of open AI? If it looks like, who will be sued? Will it be the startup that takes the risk, or will it be the open AI platform?” Rao said.

A sold-out Tech Week panel was also joined by Alex Alben of the UCLA School of Law. Dave Cole, co-founder and CEO of Open Raven. Alexa Prashant Pisipati, Principal Product Manager, Amazon Web Services ML & AI. Syro co-founder and CTO Nicole Alonso. And Mr. Raj Agarwal of Trust Lab.

Published July 7, 2023

