The Dark Side of ChatGPT: Criminal Exploitation and Challenges
The release and widespread use of ChatGPT, a large language model developed by OpenAI, has been a significant development in the field of technology. However, this innovative technology has its downsides and can be exploited by criminals and bad actors for malicious purposes. Europol Innovation Lab recently organized workshops to explore how criminals can abuse LLMs such as ChatGPT.
Criminal Use Cases
ChatGPT is an excellent tool for finding information in response to various prompts. Criminals can use ChatGPT to commit fraud, impersonation and social engineering, cybercrime, and to spread disinformation.
Fraud, Impersonation, and Social Engineering
ChatGPT's ability to generate highly authentic texts has made it an ideal tool for phishing purposes. Fraudulent emails with context-specific content that can be adapted to various types of internet fraud can be created easily using ChatGPT. This technology can be used to conduct social engineering and generate fake social media engagement, allowing criminals to create more sophisticated and targeted scams.
Cybercrime
ChatGPT can generate code in various programming languages, enabling the creation of basic tools for cybercrime purposes without technical knowledge. Threat actors have already exploited ChatGPT's ability to transform natural language prompts into working code, creating malware and a full infection flow.
Disinformation
ChatGPT is highly effective at producing large amounts of authentic-sounding text quickly, making it an ideal tool for propaganda and disinformation purposes. This technology allows users to generate and disseminate messages that reflect a specific narrative with minimal effort.
Recommendations
Law enforcement agencies should be aware of the possible threats posed by LLMs like ChatGPT. They need to identify and address potential loopholes and prevent malicious use. Law enforcement agencies should understand the impact of LLMs on different crime areas to predict and investigate abuse of this technology. They also need to develop the skills to assess the accuracy and potential biases of generated content. The use of customised LLMs should also be explored, provided that fundamental rights are respected and appropriate safeguards are in place.
Conclusion
The use of LLMs like ChatGPT can facilitate crimes such as fraud, impersonation, social engineering, cybercrime, and disinformation. Law enforcement agencies need to be aware of the possible threats and develop skills to better predict and mitigate specific threats. This technology can also be used to help fight crime if appropriate safeguards and fundamental rights are respected.
