As artificial intelligence (AI) systems are getting more integrated into our daily life, there is a growing tendency among users to get hold of free AI tools. Cybercriminals have rightly spotted this weakness as an opportunity to spread malware capable of stealing users' login credentials.
Earlier this week, Google filed a lawsuit in the northern district of California, US, against three people for using false advertisements for Bard, Google's generative AI chatbot. They were allegedly tricking users into downloading malware that gave the fraudsters access to login credentials.
Halimah DeLaine Prado, general counsel of Google, says in a blog post
, "The fraudsters created social media pages and ran ads that encouraged people to 'download' Bard, our freely available generative AI tool that does not need to be downloaded. The ads, instead led people to download malware that compromised their social media accounts. Since April, we have filed roughly 300 takedowns related to this group of bad actors."
According to the lawsuit, the scam has been showing up in ads, pages and posts on Facebook- including 'Google AI', 'AIGoogle' and 'AIGoogleBard' - that use Google logos and a photo of Sundar Pichai, the chief executive officer (CEO) of Google. "The malware-linked ads seek to confuse Facebook users because Google itself has advertised its Bard product on Facebook," the lawsuit says.
The lawsuit by Google is the first action by a major technology company on the growing number of AI-related online scams. However, the only issue, in this case, is the scammers are based in Vietnam, which is out of the jurisdiction of the US district court, and the US does not have any extradition treaty with that country. So, it would be interesting to see how the case progresses.
Ms Prado from Google says, "Just as AI fraudsters hope to fly under the radar — we believe that appropriate legal action and working with government officials puts scammers squarely in the crosshairs of justice, promoting a safer internet for everyone."
While the rules, regulations, and legal action are all the way to go, safeguarding common users remains an arduous task for everyone. Before we learn about protecting ourselves from increasing cyber fraud, let us first understand malware.
Malware is a term used to describe malicious software that is designed to harm or exploit computer systems, personal devices and networks. Malicious code or techniques exploit security vulnerabilities in software or operating systems of computers or personal devices.
Malware encompasses a wide range of harmful software types, each with its own specific purpose and method of operation.
Here are some common types of malware:
Viruses: These are programs that can replicate themselves by attaching to other legitimate programs of software. Viruses can spread through infected files and cause damage to the host system or corrupt files and data.
Worms: They are similar to viruses, but worms can self-replicate to spread across networks or devices without needing a host file. Worms often exploit vulnerabilities in network protocols to propagate.
Trojans: Unlike viruses and worms, trojans do not replicate themselves. Instead, they disguise themselves as legitimate software or files to trick users into downloading and executing them. Once activated, Trojans can perform various malicious actions, such as stealing data or providing access to the system to fraudsters.
Ransomware: This is malware that encrypts a user's files or locks them out of their system, demanding a ransom payment in exchange for restoring access. Ransomware attacks have become a significant threat, targeting individuals and organisations.
Spyware: These are programs designed to secretly gather information about a user's activities, such as keystrokes, browsing habits and personal information. This information is often sent to a remote server without the user's knowledge or consent.
Adware: These programs display unwanted advertisements on a user's computer or device. While not always malicious in intent, adware can be disruptive and may compromise user privacy by collecting and transmitting data about browsing habits.
Rootkits: These are malicious software that enables unauthorised access to a computer or network. Rootkits often hide their presence from detection by modifying or replacing core system files.
Botnets: These are networks of compromised computers (bots) that are controlled by a single entity, usually for malicious purposes. Botnets can be used for activities such as distributed denial-of-service (DDoS) attacks, spam distribution, and other forms of cybercrime.
Keyloggers: This includes software or hardware that records the keystrokes of a user, capturing sensitive information such as login credentials, card numbers, banking and personal details.
Protecting against malware involves a combination of security measures, such as using antivirus software, keeping software up-to-date, practising safe browsing habits, and being cautious about email attachments and downloads. Regular system scans and backups are also essential to a comprehensive cybersecurity strategy.
Here are some general tips to help protect yourself from malware…
1. Use good quality antivirus or anti-malware software and update it regularly.
2. Ensure that your operating system, browsers and all software are up-to-date with the latest security patches. Use automatic updates whenever possible.
3. Download software, files and applications only from reputable sources. Avoid downloading cracked (pirated) software or installation files (for example, Android package kit or apk files) from unofficial websites, as they may contain malware.
4. Use strong, unique passwords for all your accounts. Avoid using the same password across multiple platforms. Also, use multi-factor authentication, if possible.
5. Regularly review your bank and credit card statements for any unauthorised transactions.
6. Be cautious of social engineering tactics, such as phishing scams, where attackers try to manipulate you into divulging sensitive information.
By adopting these practices, you can significantly reduce the risk of malware infections and enhance the overall security of data on your computer and personal devices.
Stay Alert, Stay Safe!