Cybercrooks targeting Facebook and AI

Posted: Aug 21, 2023 / 05:45 PM EDT

Updated: Aug 21, 2023 / 05:48 PM EDT

INDIANAPOLIS – New research shows cybercriminals are trying to cash in on Americans’ curiosity with emerging Artificial Intelligence technology.

Many Americans are familiar enough with AI to be curious about how it works and how they might be able to use it. According to “Checkpoint Research,” cyber crooks are setting traps for those who want to check AI out by impersonating popular AI companies like ChatGPT, Google Bard, Jasper and Midjourney.

To set their traps, scammers will post fake ads on Facebook, luring potential victims into clicking on the links in the ads.

However, those who click on the links embedded in the ads are actually downloading malware onto their computer or device. The malware is designed to root through your device and steal passwords for bank accounts, social media, and about anything else you save there.

Additionally, the more people share, like and comment on the ads, the more they spread the trap around to their friends.

In order to avoid fake phishing ads, Checkpoint Research suggests these prevention methods:

Ignore Display Names: Phishing sites or emails can be configured to show anything in the display name. Instead of looking at the display name, check the sender’s email or web address to verify that it comes from a trusted and authentic source.
Verify the Domain: Phishers will commonly use domains with minor misspellings or that seem plausible. For example, company.com may be replaced with cormpany.com or an email may be from company-service.com. Look for these misspellings, they are good indicators.
Always download software from trusted sources: Facebook groups are not the source from which to download software to your computer. Go directly to a trusted source, and use its official webpage. Do not click on downloads coming from groups, unofficial forums, etc.
Check the Links: URL phishing attacks are designed to trick recipients into clicking on a malicious link. Hover over the links within an email and see if they actually go where they claim. Enter suspicious links into a phishing verification tool like phishtank.com, which will tell you if they are known phishing links. If possible, don’t click on a link at all; visit the company’s site directly and navigate to the indicated page.