Business Standard

From social media to ChatGPT, cyber criminals quick to adopt new tech

Cyber-security researcher Rajshekhar Rajaharia has unearthed a new type of fraud online

hacking, data, privacy, cyber security

IANS New Delhi
Forget Jamtara that has kept on inspiring cyber thugs to steal your data or money via traditional, OTP-based methods to date. Brace yourself for a new age of hacking via artificial intelligence (AI)-based tools.
 
 
A new crop of con artists is now thriving that is utilising newer means -- from social media platforms to UPI-based frauds and from operating fake gambling websites to now working on AI chatbot ChatGPT -- to rob you of your hard-earned money.
A woman was duped of Rs 27 lakh last week by a woman fraudster who promised her handsome returns on investment in digital marketing on WhatsApp.
"The task was to like and subscribe to YouTube accounts," the victim said in the FIR.
The Delhi Police's Crime Branch last week busted a racket involved in forging documents including Aadhaar cards, PAN card, and driving license for obtaining SIM cards, opening bank accounts and taking loans.
On interrogation, police found that the con group used ordinary persons who don't have any ID documents for preparing these documents and further misusing them.
Cyber-security researcher Rajshekhar Rajaharia has unearthed a new type of fraud online.
Every day from 5 p.m., several satta (gambling) websites start trending on Google, which offer quick money upon playing the satta that starts from as little as Rs 100 and goes into thousands.
"These websites start appearing in the evening and every website guarantees profits. These gambling websites are being run with tier 1 and 2 city names like Delhi Satta King, Disawar gali Satta, Shri Ganesh Chart, Satta King Delhi Bazar and more," Rajaharia told IANS.
Those who place satta, using various UPI payment platforms, get nothing in return as the winning prize always goes to people these websites had already selected.
"There are thousands of such fake gambling websites now operating in the country. They also have Telegram groups and each group has more than 25,000 members," said Rajaharia.
First captured by trendingbot.org, it is impossible to guess which website is real or which is fake and nearly 90 per cent people who place their money don't get anything.
"Satta owners announce the only number with the lowest targeted number to make maximum profit and there are hundreds of websites related to one satta market," Rajaharia explained.
In January, a Lucknow woman who had saved Rs 1 lakh for her daughter's surgery was duped by fraudsters who offered her prize money in a lucky draw. She said she paid the money through Google Pay app.
According to cyber experts, scammers operating high-yielding investing scams called "pig butchering" have found a way to compromise Google Play and Apple's App Store.
Pig butchering scams are those which involve fake websites, malicious advertising, and social engineering.
By adding fraudulent apps to official download platforms, scammers can gain a victim's trust easier, reports BleepingComputer.
According to Sophos researchers, scammers are targeting victims on Facebook or Tinder and convincing them to download the fraudulent apps and "invest" large sums of money in assets that appear to be real.
The fraudsters appear to target male users over Facebook and Tinder using women's profiles with stolen images from other social media accounts.
Sophos discovered malicious apps called "Ace Pro" and "MBM BitScan" on the Apple App Store, and "BitScan" on the Google Play Store.
The next big challenge for cyber authorities is to tackle ChatGPT-based cyber crimes.
Cyber criminals have already started using ChatGPT to create Telegram bots that can write malware and steal your data.
Currently, if you ask ChatGPT to write a phishing email impersonating a bank or create malware, it will not generate it.
However, hackers are working their way around ChatGPT's restrictions and there is an active chatter in the underground forums disclosing how to use OpenAI API to bypass ChatGPT's barriers and limitations.
"This is done mostly by creating Telegram bots that use the API. These bots are advertised in hacking forums to increase their exposure," according to CheckPoint Research (CPR).
The coming months will reveal further how hackers are using new-age techniques and AI-based tools to commit financial frauds.
The time is to minimise your digital footprints to stay away from the new breed of hackers, advise experts.
(Nishant Arora can be reached at nishant.a@ians.in)
--IANS
na/bg

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Feb 19 2023 | 4:19 PM IST

Explore News