News and Information

Is ChatGPT Your Next Financial Advisor?

ChatGPT, an artificial intelligence (AI) chatbot created by OpenAI, has risen in popularity since its release last year. Now, cybercriminals are using ChatGPT’s popularity to lure you into phishing scams. In one of these scams, cybercriminals try to trick you with a fake new ChatGPT feature.

The scam starts with a phishing email informing you that ChatGPT has a new feature to help you invest in the stock market. If you click the link in the email, you’ll be taken to a spoofed ChatGPT website and prompted to enter your contact information. Then, a representative will call you and request that you submit a payment to open your investment account. Unfortunately, if you submit a payment, that money won't help you invest in the stock market. Instead, cybercriminals will steal it to invest in their own malicious pursuits.

Follow the tips below to stay safe from similar scams:

• Before you click a link, hover your mouse over it. Make sure that the link leads to a legitimate, safe website that corresponds with the content in the related email.
• Be cautious of unexpected investment opportunities. Remember, if something seems too good to be true, it probably is!
• Never submit payments to a bank account provided in an email, text message, or phone conversation. Instead, navigate to the organization’s official website to submit a secure payment.

IT or Cybercriminal?

Coinbase, a cryptocurrency platform, was the latest victim of a social engineering attack. Social engineering occurs when cybercriminals manipulate you to try to steal your sensitive information.

In this recent attack, a cybercriminal sent smishing (SMS phishing) messages to Coinbase employees. These messages contained a link directing employees to log in to their company accounts. Shortly after one employee clicked this link, Coinbase saw and prevented the cybercriminal from gaining internal access. Later, the cybercriminal called the same employee and claimed to be from Coinbase’s IT department. The employee thought the call was legitimate, and the cybercriminal stole some sensitive information over the phone.

Follow the tips below to stay safe from similar scams:

• Always be cautious of unexpected text messages.
• Think before you click! Cyberattacks are designed to catch you off guard and make you act impulsively.
• Before you share any sensitive information over the phone, verify that the caller is actually who they say they are.

r/Cybercriminals: Spear Phishing

Reddit, a popular online community, was the latest victim of a spear phishing attack. Spear phishing is a targeted email attack that looks like it’s from a trusted source, but it’s actually from cybercriminals in disguise.

In this recent attack, a cybercriminal set up a fake website designed to steal login credentials. Then, the cybercriminal sent phishing emails to Reddit employees. The emails prompted employees to visit the fake website and enter their credentials. Through this attack, the cybercriminal was able to access sensitive information from Reddit and steal internal company data.

Follow the tips below to stay safe from similar scams:

• Make sure that the sender is actually who they say they are. If the sender claims to be someone you know, reach out to them in person or by phone to verify.
• Remember that spear phishing attacks can happen to anyone. Think before you click, and never click a link in an email that you aren’t expecting.
• Be careful with the information you share about yourself online. Cybercriminals can use this information to target you in phishing attacks.

Scams Related to the Turkey-Syria Earthquake

Last week, two earthquakes occurred in Turkey and Syria. Unfortunately, cybercriminals often use crises to get your attention and manipulate your emotions. Cybercriminals have already begun exploiting this event to try to scam you and steal your sensitive information.

In the coming weeks, we expect to see an influx of phishing attacks referencing this recent event. Cybercriminals may send phishing emails with links asking you to donate money or view “exclusive” videos relating to this news. Clicking these links could allow cybercriminals to steal your sensitive information or install malware on your device.

Follow the tips below to stay safe from these types of scams:

• Avoid making donations to unknown users. If you would like to donate to support a cause, donate directly through a trusted organization's website.
• Think before you click. Cyberattacks are designed to catch you off guard and trigger you to click impulsively.
• Stay informed by following trusted news sources. If you see a sensational headline, research the news story to verify that it’s legitimate.

Watch Out for Scams This Tax Season

In most countries, it’s cybercriminals' favorite time of the year: tax season. Taxes are a sensitive topic that can easily be used to catch your attention or manipulate your emotions. Over the next few months, cybercriminals will likely mention taxes in phishing attacks and disinformation campaigns.

Tax season is also a vulnerable time for your sensitive information. Tax documents from employers, banks, and other organizations typically include personally identifiable information. If cybercriminals get their hands on this information, they can use it to steal your identity, your money, and more.

Follow the tips below to stay safe during tax season:

• Always think before you click. Cyberattacks are designed to catch you off guard and trick you into clicking impulsively.
• Use extra caution when handling tax documents. For digital documents, use password protection. For physical documents, keep paperwork in a secure location and shred anything that is no longer needed.
• Be suspicious of emails, text messages, and social media posts that contain shocking information about taxes in your country. These messages could be disinformation, which is false information designed to mislead you.