Check Point warns of AI-generated threats on mobile devices

August 1, 2023

Contaminated apps, fake AI websites, fake proxy servers and phishing: the chance of falling victim to a cyber attack is higher on mobile devices than on stationary ones.

Generative artificial intelligence (AI) tools, such as ChatGPT and Google Bard, are growing in popularity worldwide. They enable their users to increase efficiency and productivity in their daily work. However, these diverse applications are both a curse and a blessing, as they can also be abused by hackers for cyber attacks. Shortly after their introduction, generative AI tools were already being used to create malware at lightning speed. Many of them appeared in the official app stores. Moreover, generative AI has been abused for creating fraudulent emails and messages as well as AI-powered phishing campaigns and deepfakes on YouTube.

Unfortunately, the providers of generative AI bots do not have a handle on these problems. In a recent report, the Check Point Research team found that Bard (Google’s generative AI tool) imposes almost no restrictions on the creation of phishing emails and that it can be used to develop keyloggers for malware with minimal manipulation.

For these reasons, some companies have already banned the use of AI tools on corporate devices or networks. Other companies that allow their employees to access generative AI tools have fallen victim to data leaks. Therefore, until proper measures are in place to protect sensitive data from being leaked and internal information from being stolen, companies should be especially diligent in enforcing their security policies.

Mobile devices are no exception. In fact, mobile users are more likely to download a malicious application or fall victim to phishing attempts than desktop users. The number of threat sources is far from small. Check Point lists some of the most important:

  • Apps that mimic popular AI sites and resources (ChatGPT and Google Bard) to steal sensitive data.
  • Apps that use web services and behave as proxies to popular AI websites and resources, as well as exploit their middleman position to siphon off information.
  • App malware designed by generative AI engines to deceive end users, whether consumers or businesses.

The smaller screens of mobile devices, as well as the large number of apps and notifications, can mislead users and cause them to more recklessly click on malicious links or download contaminated files. For many people, social networks are also the most frequently used applications on mobile devices, which means mobile users are more vulnerable to social engineering and phishing.

Since the boundaries between personal and professional use of mobile devices are sometimes blurred, they can become a major gateway into companies, which is why protection against AI threats should be a top priority.

How do you protect mobile devices from AI threats?

  • IT attacks are now simply too advanced and complicated for humans to reliably detect. Phishing sites have become so advanced that they are identical to the original site. That’s why advanced technologies are needed to protect endpoints and prevent threats from entering the enterprise.
  • Mobile devices are a gateway into the enterprise. As AI is rapidly evolving, detection and remediation are not enough. A mobile security solution must include preventative capabilities to stop the threat at the device level before it gains access to networks.
  • The generative AI learning capabilities are impressive. If humans want to keep up, they must use AI to combat AI. Smart IT decision makers, therefore, make sure their security solution leverages both AI and machine learning technology to stay on top.

Those who want to harness the power of AI must also understand its dangers and take precautions. Businesses and consumers alike would be well advised to educate themselves about how hackers exploit AI. In addition, preventive cell phone security solutions are indispensable against the background of phishing attempts that are now deceptively real, in order to prevent people from being subjected to the risk of being deceived by them in the first place.

Related Articles

Share This