AI is making it easier to target people with more personalized scams: 1Password CEO
Posted Jun 19, 2024 03:39:01 PM.
Last Updated Jun 19, 2024 04:40:09 PM.
TORONTO — The head of one Canadian company fighting to bring safety to the online world says watch out for artificial intelligence because it’s making hackers and scammers even better at targeting people.
Jeff Shiner, the chief executive of Toronto-based password management business 1Password, shared his worries about how much more personalized the technology is making cybersecurity threats at the Collision tech conference in Toronto on Wednesday.
“AI … is going to be able to sit there and target you individually and say something that is particular to you or comes from somebody that you may know,” Shiner said.
“It is going to have a topic that is going to resonate with you and it will be very difficult for you as a human to know whether that’s true or not.”
The attacks, he said, will not be like the scam emails many have seen from people wanting to send you 1,000 pounds of gold, if you enter login information into a link, or posing as the Canada Revenue Agency to trick you into providing banking information.
Instead, they could be more along the lines of what happened in Hong Kong earlier this year, when police in that country said they learned of a finance worker who was duped into handing over $25 million to fraudsters who used deepfake technology to pose as his employer’s chief financial officer.
Statistics Canada data reveals the number of police-reported cybercrimes in the country reached 74,073 in 2022, up from 71,727 in 2021 and 33,893 in 2018. (Experts have long warned cybercrime is under-reported because of the stigma and embarrassment that can be associated with being duped.)
Even as individualized attacks increase, traditional threats won’t go away, Shiner warned.
Identity theft, hacking and phishing, where scammers try to lure potential victims into clicking malicious links, downloading malware or sharing sensitive information by posing as legitimate organizations, will all be turbocharged, he said.
“They’ll just be a lot more intelligent, and they’ll be able to be done at scale in ways that haven’t been done before,” Shiner said.
Companies, he said, need to be on guard for these attacks and that means taking safety efforts beyond quarterly reminders to staff to not click on suspicious links.
Businesses need to give workers more tools to make it easier to identify threats and ensure the person they are speaking with is really who they say they are because AI is going to make that task “much more difficult for a human.”
But companies will also have to consider how some AI tools their staff use are posing risks of their own, Shiner said. For example, AI chatbots that many people have dabbled with could be using anything inputted into them to train their models.
“Any information you’re putting out there, whether it’s company confidential information, whether it’s your customer data, all of that could be going out there in ways that could be used and shared,” he said.
Shiner’s appearance at Collision came as questions have swirled about the future of 1Password.
Many have wondered what the company will do when Apple acts on plans announced in June to introduce a new app called Passwords, which will securely store a user’s login credentials, including passwords, verification codes, and security alerts, in one place.
Shiner was not asked about the Passwords launch on Wednesday, but the service is expected to rival the products offered by 1Password, which raised $744.3 million in January 2022 in a C Series round that attracted a who’s who of Hollywood. Investors included Ryan Reynolds, Scarlett Johansson, Robert Downey Jr., Matthew McConaughey and Trevor Noah among others.
This report by The Canadian Press was first published June 19, 2024.
Tara Deschamps, The Canadian Press