.jpg)
Highlights
GPT models like ChatGPT are being misused by cybercriminals for phishing, malware, and data leaks. This blog outlines real-world risks and what you can do to protect your business.
Generative Pre-trained Transformers (GPTs) like OpenAI's ChatGPT are revolutionising industries across the board. From writing emails to creating educational content, they're powerful tools built to understand and generate human-like text. But the same tech that makes GPTs useful also makes them risky, particularly for cybersecurity.
In February 2024, Microsoft and OpenAI spotted several state-backed hacking groups from Russia, North Korea, Iran, and China using GPTs to improve their exploitation tactics. The Strontium group, linked to Russian military intelligence, has been found using large language models (LLM’s) to understand satellite communication protocols, radar imaging technologies, and other sensitive miliatry information.
But GPTs can also be misused in everyday cybercrime and by employees or contractors who have access to sensitive data.
How GPTs can be weaponised in everyday cybercrime
- Phishing: GPTs can generate convincing phishing emails that mimic real writing styles, making it more difficult to spot and harder for filters to block.
- Social engineering: these models can be used in live chats, like customer support, to trick people into giving up sensitive information. Connected to text-to-speech tools, they could also be used in voice scams.
- Malware code generation: even with filters in place, attackers can trick GPTs into writing malicious code.
- Data leakage: when employees input sensitive company information into these models, that data gets stored and could be leaked back to others.
- Misinformation: GPT’s can 'hallucinate', which means they present false information portrayed as fact. When spread, this can lead to real-world consequences such as political confusion or interference during a crisis.
Real-world proof this is happening
OpenAI, the company behind ChatGPT, have openly called out “SweetSpecter”, a China-based hacking gang that used ChatGPT to gather intel, research vulnerabilities, write attack scripts and more. In May 2024, they even targeted OpenAI employees themselves in a spear-phishing campaign (targeted email scam designed to trick someone into giving away access or data). This is believed to be the first publicly identified US-based target after previously only targeting Middle Eastern, African and Asian political entities.
A report by OpenAI documents this and other real world examples.
How you can protect your business's data
- Train your team: regularly train your employees how to spot dodgy emails. Show them how to check for suspicious links and fake email addresses. Make sure they know to report anything fishy to your security team right away.
- Stay alert: remind everyone that emails or calls asking for money or personal information might not be who they say they are. Always double-check by contacting the person through a different method before doing anything.
- Fact check: don’t trust everything you read, especially if it comes from AI tools like ChatGPT. Always verify information from several sources before sharing or using it.
- Control access to GPT tools: some companies block ChatGPT and similar services to stop sensitive data from leaking. If you don’t want to block them outright, set clear rules on how they can be used.
- Watch your data: keep an eye on how much data is leaving your company's environment. If there’s a big spike, like lots of info being sent to ChatGPT, that’s a red flag and needs checking out.
Looking for support that actually fits your business?
Vorboss offers custom cybersecurity services that match how you operate. Speak to an expert.
Tell us about yourself so we can serve you best.
Got a question?
More articles
.png)
Internet connectivity is the lifeblood of modern businesses, powering operations, communication, and growth. But not all “fibre” connections are created equal.
All connections use fibre at some level, but performance, reliability, and guarantees vary depending on the underlying network. Choosing the right type of connection now can save downtime, frustration, and cost in the future.
In this guide, we'll explore key factors when selecting the ideal business internet provider to keep you connected and thriving.
Understand the connection types
Here’s a quick comparison of the three main fibre-based connections available to businesses:
FTTC and FTTP may work for small teams or low-risk work, but DIA is the only connection built for business-critical reliability, speed, and consistent performance.
Ask yourself these questions
Before comparing providers, clarify your internal needs:
- How critical is uptime for your business operations?
- Which teams rely heavily on cloud apps, video conferencing, or large file transfers?
- How much bandwidth do we need now, and how much will we need in 2–5 years?
- Are upload speeds as important as download speeds for our workflows?
- Would temporary downtime cause financial or reputational damage?
This self-assessment helps you match connection types to your business requirements.
.png)
How DPG overcame last-minute delays to get online in 3 weeks
Anyone who’s managed an office move understands how much coordination it takes: logistics, tight deadlines, suppliers to manage, all while keeping the day job going. But when your internet provider, a well-known legacy player, lets you down just weeks before your move, things can get really stressful.
Three months to get connected – but the provider stalled
DPG is a specialist social justice law firm. With a team of 80, they rely on secure, fast connectivity to manage sensitive legal work.
They gave their internet provider three months’ notice to install a leased line at their new office. But as the move-in date approached, the provider asked for a further 60-day extension.
With just six weeks left to go before staff were due to move in, DPG had no choice but to cancel their contract and find a new supplier.
.jpg)
.jpg)
