Checklist 327: A.I. Dangers and Working Remote Securely
Woz warns on AI scams
Apple co-founder Steve Wozniak (also known as “Woz”) is warning about the risks of AI scams. A BBC article had Wozniak saying:
AI is so intelligent it’s open to the bad players, the ones that want to trick you about who they are…
What are some examples of this?
Consider the case of phishing. For years, cybersecurity experts have warned that poor grammar or spelling is a good way to spot a phishing email. But AI tools like ChatGPT write convincing, grammatically correct emails that sound like an actual person wrote them—a capability bad actors can exploit.
The danger isn’t just limited to email phishing. 9to5Mac cites a recent McAfee report that details AI voice scams. In these scams, bad guys use AI voice-cloning tools to impersonate specific individuals with up to 95% accuracy. These tools are rapidly taking us to a future in which it will be difficult to know whether that familiar voice on the phone really is who they say they are!
How to defend against AI voice scams
The authors of the McAfee report on AI voice scams offer some suggestions for how to protect yourself from this futuristic risk:
Set all of your social media accounts to private: Bad actors often find their targets using social networks. So make yourself hard to find.
Don’t overshare your voice or video online: AI cloning tools need a sample in order to be effective. The larger the sample, the easier it is for these tools to impersonate you.
Ask a challenge question: If you receive a suspicious call, verify the identity of the person calling by asking a question that a scammer wouldn’t know the answer to. Make sure the question is something you’ve never talked about online, and something that only the person calling would know—if they are who they say they are!
Set up a codeword with kids and family: A codeword can be used to authenticate themselves if they need to call for help in an emergency—in other words, in the type of real-world situation that bad guys use as AI voice scam pretexts.
Tips for security when working remotely
Remote work went mainstream during the pandemic, and it’s likely here to stay. But that opens up a vast new attack surface for bad actors.
The folks at ZDNet have put together a list of tips to help remote workers stay safe. The article is well worth reading in full, but here’s a highlights-only version if you’re short on time:
- If you must use public Wi-Fi, make sure you’re protected by a VPN.
- Use an anti-malware tool. Your company has probably already provided one—but if not, install a reputable security app on your device.
- Update your devices regularly—including IoT devices and routers. This will help reduce your home network’s vulnerability to attack.
- Always use strong, unique passwords. To this we’d add: Be sure to use 2FA for better security.
- Be aware of household risks. This includes physical risks to your devices (a curious cat and a cup of coffee can kill a laptop) as well as privacy risks from people in your house. Keep your devices in safe places and never leave them unlocked if you need to step away.