AI: Experts warn of new ways you can get hacked

Artificial Intelligence, Cybersecurity, News

Artificial intelligence (AI) has become a game changer in many areas of our daily lives, including cybersecurity. With the rising use of new AI-driven tools like ChatGPT, the number of cyberattacks has doubled and become more sophisticated.

Cybersecurity experts say that AI-powered cybersecurity tools could help protect your privacy in the new reality, but they are not a silver bullet. Cybercriminals are keen users of AI-driven tools, with their use facilitating the automation of a significant portion of phishing attacks.

“Furthermore, it is anticipated that the frequency of such attacks will escalate in the future, posing a significant cybersecurity threat,” says Marijus Briedis, CTO at NordVPN. Here we look at several ways hackers use AI to increase the success rate of their cybersecurity attacks.

Tailoring spear-phishing attacks 

The most common way cybercriminals use AI is to create personalized and convincing phishing attacks. Since AI can analyze vast amounts of publicly available data and better understand the target’s behavior and preferences, AI-generated personalized phishing emails can be highly effective at deceiving individuals. Moreover, public information is not the only thing that popular AI tools have at their disposal. 

“As AI systems become more prevalent, there is an increased risk of mishandling or misusing sensitive data. For example, if an employee of a certain company uses an AI tool to write a report from confidential information, the same data later could be used to create so-called spear-phishing attacks that are highly tailored to individual targets, increasing the likelihood of success.

“Once you get a phishing email with information that is supposed to be confidential, there is a big chance that you will fall into the trap,” explains Briedis.

Modifying malware in real-time

AI tools help hackers automate tasks like reconnaissance and crafting custom malware, making their attacks more efficient, difficult to detect, and large-scale. For example, AI-powered bots can conduct automated brute-force attacks, leading to an increased volume of attacks.

“Hackers also use AI to enforce malware attacks to evade traditional cybersecurity defenses. By using AI algorithms, attackers modify malware in real-time to avoid detection by antivirus and other security tools. With this kind of automation, hackers are seriously challenging traditional cybersecurity tools and exploiting their vulnerabilities,” says Briedis. 

How to mitigate cybersecurity risks posed by AI

While AI is proving its effectiveness in improving cyberattacks, it could also be used to protect users. Cybersecurity requires a multi-layered approach, including user education, regular software updates, strong passwords, and best security practices. Cybersecurity expert Marijus Briedis advises how to mitigate cybersecurity risks posed by AI-driven attacks: 

  • Check the destination URL before clicking. The most common way to lure victims into downloading malware is through phishing emails that hide spoofed URLs and malicious files. AI-generated tailor-made phishing emails might be hard to distinguish. But instead of clicking the link, hover your mouse on the button first to see the destination URL. Check if it looks legitimate and – this is important – if it contains the “https” part.
  • Double-check the legitimacy of an email. If you receive an email from somebody you know, think twice before clicking any links. Is it typical of this person to send an email? If not, contact them via phone, social media, or other channels to confirm their legitimacy.
  • Use a reliable antivirus. Users should choose an antivirus with advanced protection against malware, spyware, and viruses. An antivirus program will detect and neutralize malicious threats before they do any harm. For example, NordVPN’s Threat Protection feature neutralizes cyber threats, like malware-ridden files or malicious websites, before they can damage your device.
  • Enable a firewall. A firewall protects the system by monitoring the network traffic and blocking suspicious connections. Users should have security settings and ensure the computer’s inbuilt firewall is running.
  • Stay secure on public Wi-Fi using a VPN. Public Wi-Fi networks are highly vulnerable to hacking. Cybercriminals often target people at free hotspots and try to slip malware into their devices. Users should always use a VPN to secure their Wi-Fi connection and protect themselves from unwanted snoopers.
Chris Price
For latest tech stories go to