The Energy Act: Future regulation of energy smart appliances

View All

Case Studies

Powering Alt HAN Co.'s Smart Meter Rollout

View All

Upcoming Events

LEMA Summit 2024

View All


Digital Operation Resilience Act (DORA) - Is your organisation on track?

View All


WormGPT: New AI tool raises the threat level of phishing attacks

26th Jul, 2023

WormGPT, an evolved version of the GPT-3 language model, has become a major threat actor in the world of phishing emails. Malicious actors are using this powerful Artificial Intelligence (AI) tool to craft sophisticated and convincing phishing emails that can deceive even the most cautious individuals.

The rise of AI has brought about incredible advancements. From generating content and ideas, to improving efficiency through performing mundane tasks like writing emails, there are seemingly limitless possibilities of what AI can do. Yet with opportunity comes risk, and unfortunately, it has also opened doors for cybercriminals. In this blog, we will explore the dangers posed by WormGPT and the steps being taken to combat this emerging menace.

Understanding WormGPT and Its Capabilities

WormGPT is a variant of the GPT-3.5 architecture, which can generate human-like text based on the input it receives. Traditionally, phishing emails were often laden with grammatical errors and inconsistencies, making them easier to spot. However, WormGPT can produce emails that are near-perfect in structure, tone and content. This raised authenticity makes it challenging for recipients to differentiate between genuine communications and phishing attempts.

Evolution of Phishing Attacks with WormGPT

Phishing has always been a widespread cyber threat, but with the help of WormGPT, it has taken on a new level of sophistication. Cybercriminals use this AI-powered tool to analyse vast amounts of data, including social media posts and publicly available information, to create  personalised and targeted emails. Cybercriminals will send emails posing as social media platforms, banks or other trusted sources – all with the intention of tricking their target into granting them access to an organisation’s network, or submitting financial information.

Automation and Scale

WormGPT’s ability to automate email creation allows cybercriminals to launch large-scale phishing campaigns. They can send a massive volume of messages to various targets, hoping that a small percentage of recipients will take the bait. This automated approach significantly increases the potential for success. Even a small success rate can yield valuable information or unauthorised access.

The Bane of Spear Phishing

The other capability that cybercriminals exploit using WormGPT is Spear Phishing. The key factor that sets this type of attack apart is that the emails are tailored to specific individuals or organisations. Threat actors can exploit the personal connection and trust that recipients may have with the alleged sender. Whether it’s by including familiar names, relevant details, or referencing recent events, the attackers are using WormGPT to craft messages that seem genuine and compelling.

Detecting WormGPT-Generated Phishing Emails

Identifying phishing emails created by WormGPT has become a taxing task due to their sophisticated nature. Traditional email filters may struggle to detect these messages due to their linguistic accuracy. However, researchers and security experts are working on developing advanced AI-based detection systems. These will be capable of discerning between genuine and AI-generated content. With such a global focus on AI, it is likely that there will soon be systems in place to lessen any damage that threat actors can cause.

Mitigating the Threat of WormGPT

There are several steps an organisation should take to mitigate the risk of WormGPT phishing emails. Cybersecurity awareness and education is one of the most important actions to take. Training employees to recognise the signs of phishing attempts and verifying the legitimacy of emails can go a long way in preventing successful attacks.

As well as this, organisations should look to implement robust email security solutions. Modern filters that use AI and machine learning for anomaly detection can reduce the risk of successful phishing attempts. These systems can analyse email content, sender behaviour, and other contextual information to identify potential threats.

Organisations should also ensure that they have access to real time threat intelligence that is specific to their business area. Generic threat intelligence reports will give an overview of a threat. However, they often won’t pick up specific phishing campaigns until after they have had a global effect.

The rise of WormGPT in the creation of phishing emails is a concerning development in the cybersecurity landscape. Its ability to craft convincing messages poses a high threat to individuals and organisations alike. Combating this menace requires a collective effort from individuals, organisations, and the cybersecurity community. By staying vigilant, adopting advanced security measures, and fostering cybersecurity awareness, companies can play their part in neutralising this new breed of phishing threats.


Matthew Stevens

Assistant-lead, Cyber Threat Services

Read Bio