ChatGPT Worm

WormGPT is another threat to cyber security

John Iovine


Imagine a ChatGPT AI without constraints placed on it. Individuals, organizations, and governments can direct the AIs to perform unscrupulous actions to achieve harmful objectives.

Hackers use the unfettered AI to direct phishing attacks. The AI is capable of learning. It can scrape the Internet for personal information on you to create personal attacks. It will try to trick you into sharing sensitive information, like your credit card information or social security number.

The personal attacks I received informed me that my email account had been compromised and that I must use “their” link to “verify” my identity, or my email account would be disabled, usually within 24 hours.

Variations on this theme included compromised credit cards, bank accounts, utilities, shipping payments for merchandise in transit, and various past-due bills.

The AI is not restricted to only Spam emails, the technology has evolved where the AI can make phone calls. Imagine a call from a voice on the phone that sounds like a loved one who needs money right now for a crisis like a car accident, towing, bail, medical bill, etc. Your first response should be to verify their identity by asking a personal question only your loved one would know. Anyone needing money in the form of gift cards is a big red flag.

AI can be directed to hack into organizations, banks, and government organizations. With so many people working remotely, has opened the opportunity for an AI to scam into a business portal as a remote worker to obtain sensitive information.

With AI’s code-writing expertise, it can formulate new computer viruses. Governments can direct AI to break into city and national computer support systems to disrupt services. For instance, infiltrating the electric grid computers to cause power outages or Air Traffic control computers to force the grounding of planes.

Defending Against WormGPT

Businesses, organizations, and governments have full-time teams working on circumventing these AI attacks on our infrastructure.

You need to become diligent as the AI attacks will continue to increase and become more intelligent. I expect anti-virus companies to turn the tables on hackers and incorporate AI into virus protections. I hope the companies really use AI, and that the AI moniker isn’t only marketing hype.

To protect yourself, take the following steps.

Employ multi-factor authorizations.

Never click on questionable links.

Do not download attachments from unverified sources. I get the willies when I see zip file attachments to my email.

Double-check any request for sensitive information.



John Iovine

Science writer, thinker, self-experimenter, focusing on personal development and health —