Dispels the myth that you can't be fooled by a machine:

Cybersecurity experts note that criminals are increasingly using artificial intelligence when trying to manipulate and deceive to take control of your computer. In particular, the ability of AI to recreate and invent text in all the world's languages is a strength for cybercriminals, those who often cannot type flawless Norwegian. This means that these hackers, using AI platforms like ChatGPT, can bypass many of the errors that we have come to regard as fraud and that usually set off our alarm bells.

You might think: “I can easily distinguish text written by a machine and not by a human.” A number of my colleagues at Knowbe4 set out to test this claim.

Here we tested how easy it is to have ChatGPT craft a so-called phishing email – that is, an email intended to get you to click on a link, so hackers can take over your computer. And she actually did it in just five minutes. We then tested the AI-generated phishing email on a number of employees. The email successfully fools almost as many employees as phishing emails, with our specially trained team spending over 16 hours preparing such tests.

So, unfortunately, I probably have to dispel the myth that you can't be fooled by a machine, because you can to the highest degree. “The robots are coming” and we are not ready.

Outperformed by robots

It's true that humans won narrowly this time, but AI is learning all the time, and the phishing emails that cybercriminals can create using AI are becoming more convincing. We should expect AI to become more sophisticated, for example in terms of correct grammar, and to outperform us in developing and designing cyber fraud.

For example, last year there was a tendency for online scammers to use the so-called Sound reproduction. Here, with the help of artificial intelligence, a person imitates the voice of a real person, and pretends to be the owner of the voice using a fabricated artificial voice in order to deceive people with money or information.

It may seem theoretical, but we've seen it happen in practice with more widely used languages, like English, and this will also affect smaller countries and less widely spoken languages.

“Rage against machines”

But will we really give up and accept a future where we are tricked by AI-driven hackers? Fortunately, there are more progressive options. We just conducted a large survey of IT security training data from 32 million users spread across just under 500 million fake phishing emails. The survey clearly shows that employees who receive IT security training from their IT department are better equipped to detect fraud.

Specifically, our survey indicates that employees with IT security training are 274% better at spotting phishing emails than people without training.

It is important to realize that companies represent phishing and so-called Social engineering attacks For 70-90 percent of data loss detected. It is therefore the largest attack surface for businesses, but we still often see EDR (Endpoint Detection and Response) and network solutions being prioritized over employee training.

Your account will be hacked, submit your account details and register now!

So, you need to dispel the myth of the Nigerian prince who sends weird emails with reverse word order, misspellings, and misspellings, because soon it will be a thing of the past. Instead, you and your employees should be wary of long, complex emails, which are typical of AI-generated texts.

Overall, it's about creating a healthy, natural digital skepticism among employees. This is completely against the Norwegian popular spirit, where we trust each other until proven otherwise. But on the Internet, we must always be wary — wary of emails that deviate from the norm, against messages about packages on iMessage or WhatsApp that contain strange links, and against strange invoices that your boss sends “from his office.” IPAD”.

Unfortunately, you can no longer just look for bad grammar. IT criminals have learned this.