Cybercriminals are using generative AI programs as a hook to scam us

Cybercriminals are using the artificial intelligence (AI) to try to scam us. Not only do they use the Generative AI as a tool in their attacksbut also use it as I call for us to fall into their traps. The cybersecurity company ESET has warned of Fake AI tools which are used as a hook to spread malware which could steal confidential information from us. We explain how these attacks work and give you advice on how to prevent them.

Companies creating generative AI are being impersonated to trick users into downloading malware

ESET has warned of social media posts that redirect users to fraudulent web pages where the user is impersonated companies developing generative AI tools, such as MidJourney.

Screenshot of the fraudulent web page. Source: ESET

On this fraudulent website we are invited to click on a button to get the supposed installer of the tool. However, what is downloaded to our device is malwarespecifically a spyware with which they could monitor the activity of our device. The objective is the theft of information “that may be related to passwords stored in system applications, bank details or cryptocurrency wallet detailsdata relating to the record of navigation o including session cookies“explains Josep Albors, director of research and awareness at ESET Spain.

Screenshot of the file that is downloaded when clicking on the button on the fraudulent website. Source: ESET

Cybercriminals could use advertising campaigns on social networks to spread this scam

The cybersecurity company Bitdefender also published a report in which he warned of Fraudulent advertising campaigns in Facebook promoting alleged AI tools such as Midjourney, Sora AI, DALL-E 3, Evoto, ChatGPT 5, Gemini AI, among others. These detected campaigns were aimed at European users from different countries, including, Spain.

He mode of operation The trick is this: cybercriminals take control of Facebook profiles, change the description, cover photo and profile picture, and impersonate the companies that develop the various technologies. Then, to make it look like a legitimate account, they post news, photos generated with artificial intelligence and adverts that promise improvements to the spoofed AI serviceas well as links for users to supposedly have free access or tool trials.


Examples of fraudulent ads. Source: Bitdefender

“Malicious Facebook pages are meticulously designed to trick users to download supposedly official desktop versions of software of artificial intelligence”, explain the researchers. However, the links direct users to fraudulent web pages that download malware on the victim’s device with which they can collect credentials, bank card information or cryptocurrency wallet information.

Tips to prevent this type of attacks

To avoid falling into these types of traps, ESET recommends the following:

“If we also make sure to stay informed about the techniques used by cybercriminals, it will be more difficult for us to join their list of victims,” ​​says Albors.

Damn Timo is supported by:

For Latest Updates Follow us on Google News


PREV This is how much housing is priced in the city
NEXT Audi and BP join forces in Formula 1