IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

What is WormGPT?

Answer: An AI designed to create phishing messages.

Closeup of a robotic hand typing on a keyboard.
The overall rise in popularity of artificial intelligence has, unfortunately, also given rise to the technology’s darker side. Fortunately, it looks like we don’t have to be too worried about some of these nefarious uses of AI — at least not yet.

One example is WormGPT, a large language model (LLM) released last month. According to its creators, it is based on EleutherAI’s GPT-J and can be used to write convincing phishing emails and text messages. “Convincing” may be too generous of a term, though. Cybersecurity firm SlashNext was able to put the bot to the test, and the results were less than impressive.

When asked to generate a “convincing email” that could be used to compromise a business, the bot wrote up a message that should easily raise red flags to any recipient who is paying attention. Though it was free of obvious grammatical and spelling errors, which are usually the first sign of phishing, it makes quite a few mistakes like referring to an attachment that obviously doesn’t exist.

Fortunately, the more mainstream AI applications that might be able to write a more believable phishing email have safeguards in place to prevent them from doing so. As for the ones that don’t, not only are they difficult to even get access to, but it seems even if you manage to get your hands on one they leave a lot to be desired.