The chat bot Chat GPT is increasingly finding its way into the realm of organized cybercrime, making it easier for cybercriminals to gain access to bank accounts.
Berlin, Munich 07/12/2023 – The chat bot Chat GPT is increasingly finding its way into the realm of organized cybercrime, making it easier for cybercriminals to gain access to bank accounts.
Using AI, highly customized spear phishing emails can be generated in seconds, making such attacks more dangerous and effective than ever. This is apparently also the case in the most recent phishing scandal at the savings banks, which CLLB has already reported on.
The amount of damage in many federal states is already several million euros, as reported by the consumer magazine WISO. The banks have also been aware of the security gap for a long time.
The law actually provides for strong customer authentication when the bank customer logs into their bank account online. However, many banks use a legal exception that allows access without further TAN confirmation. However, no sensitive payment data may be visible here.
Precisely such data as address, date of birth or telephone number were apparently stored in “read access” at many savings banks for years, so that the missing 2-FA served as a gateway for criminals. The Bafin judges the consumer magazine: “If this read access is possible for individual savings banks, this should be cleaned up immediately”.
From a legal point of view, the bank customer would only have to pay for the damage if the bank was able to prove gross negligence in handling his payment data. However, this can hardly be said to be the case due to tailor-made phishing mails. The legislator has also regulated that banks cannot invoke the accusation of gross negligence if a 2-FA was not established, according to lawyer Ruigrok van de Werve, from the law firm CLLB. The hack could also have been prevented by the bank through other state-of-the-art anti-phishing measures.
CLLB Rechtsanwälte therefore advise affected bank customers to contact a suitably experienced law firm of their choice in order to reclaim the unauthorized debited funds.
2023-07-12 12:25:11
#Cyber #criminals #plunder #bank #accounts #artificial #intelligence