BW Cyber has flagged multiple risks posed by generative AI (GenAI) tools such as ChatGPT, and criminals, seemingly always one step ahead, are now putting out fake ChatGPT-branded web browser and social media extensions to trick users into installing AI malware onto their local computers. These extensions then give cyber criminals access to a users’ web browser data, which can then steal passwords, user ID’s, and even allow a foothold to compromise the user’s computer.
As we’ve said previously, the lure of GenAI technology is strong. It has the potential to change the way asset and wealth managers work, and it’s not a surprise that companies of all sizes are trying to figure out how best to use the tech to their advantage without allowing criminals to take advantage of users’ naivety.
It’s critical that asset and wealth management firms develop strict GenAI Acceptable Usage policies in their employee handbook. As BW Cyber has stated previously, the best practice is to only allow limited GenAI access with pre-approval from management. As an example (one of numerous), while many of our clients may assume GenAI tech’s note-taking to be harmless and an incredibly useful tool, in reality, all of the conversations captured by the GenAI system will be maintained forever. Often, the information in these conversations includes incredibly sensitive company or client information.
