Latest news with #DaveChronister
Yahoo
17-04-2025
- Entertainment
- Yahoo
The viral AI-generated action figure trend is potentially putting your cybersecurity at risk, experts warn
In recent days, everyone from government agencies to celebrities to pro sports teams have hopped on the latest artificial intelligence-generated trend, using programs like ChatGPT to create an image of themselves in Barbie-like plastic packaging. However, tech experts warn that the light-hearted trend carries some risks, ranging from potentially inviting cyber scams to raising ethics and sustainability concerns. Participants in the trend often generate images featuring items referencing various aspects of their life, whether it's where they live, what they do for a living, or a favorite pastime. Those type of disclosures could help scammers trick people down the line. Oh, you know we had to hop on the fellas, reimagined as action figures.#GuardsBall — Cleveland Guardians (@CleGuardians) April 14, 2025 Clark County employees, assemble! 💪We joined the action figure trend to spotlight some real-life heroes who make our community stronger every day. Because when we work #togetherforbetter, anything is possible. 💙Want to join our team? Apply now: — Clark County Nevada (@ClarkCountyNV) April 16, 2025 'The fact that you are showing people, 'Here are the three or four things I'm most interested in at this point' and sharing it to the world, that becomes a very big risk, because now people can target you,' Dave Chronister, the CEO of cybersecurity company Parameter Security, told HuffPost. 'Social engineering attacks today are still the easiest, most popular way for attackers to target you as an employee and you as an individual.' Jennifer King, a privacy and data policy fellow at the Stanford University Institute for Human-Centered Artificial Intelligence, added in an interview with the outlet that users ought to consider that their images will likely go towards training future AI models, the same tools increasingly being integrated into corporate and military applications. Others have urged users to be careful incorporating trademarked material into their action figures. "Mattel has been known to pretty actively enforce protections against their marks," attorney Charles Gallagher told Fox13. "Having a Barbie logo on your action figure would probably be something you don't want to have." In the face of the action figure meme, some have sought to remind the public of the enormous energy and water needed to feed the advanced computers that power AI models. "ChatGPT Barbie represents a triple threat to our privacy, our culture and our planet," Professor Gina Neff of Queen Mary University London said in an interview with BBC.
Yahoo
17-04-2025
- Entertainment
- Yahoo
The Viral AI Action Figure Trend Could Be Putting Your Cybersecurity At Risk — Here's What To Know
If you're on social media, it's highly likely you're seeing your friends, celebrities and favorite brands transforming themselves into action figures through ChatGPT prompts. That's because, lately, artificial intelligence chatbots like ChatGPT are not just for generating ideas about what you should write ― they're being updated to have the ability to create realistic doll images. Once you upload an image of yourself and tell ChatGPT to make an action figure with accessories based off the photo, the tool will generate a plastic-doll version of yourself that looks similar to the toys in boxes. While the AI action figure trend first got popular on LinkedIn, it has gone viral across social media platforms. Actor Brooke Shields, for example, recently posted an image of an action figure version of herself on Instagram that came with a needlepoint kit, shampoo and a ticket to Broadway. People in favor of the trend say, 'It's fun, free, and super easy!' But before you share your own action figure for all to see, you should consider these data privacy risks, experts say. The more you share with ChatGPT, the more realistic your action figure 'starter pack' becomes — and that can be the biggest immediate privacy risk if you share it on social media. In my own prompt, I uploaded a photo of myself and asked ChatGPT to 'Draw an action figure toy of the person in this photo. The figure should be a full figure and displayed in its original blister pack.' I noted that my action figure 'always has an orange cat, a cake and daffodils' to represent my interests in cat ownership, baking and botany. But these action figure accessories can reveal more about you than you might want to share publicly, said Dave Chronister, the CEO of cybersecurity company Parameter Security. 'The fact that you are showing people, 'Here are the three or four things I'm most interested in at this point' and sharing it to the world, that becomes a very big risk, because now people can target you,' he said. 'Social engineering attacks today are still the easiest, most popular way for attackers to target you as an employee and you as an individual.' Tapping into your heightened emotions is how hackers get rational people to stop thinking logically. These cybersecurity attacks are most successful when the bad actor knows what will cause you to get scared or excited, and click on links you should not, Chronister said. For example, if you share that one of your action figure accessories is a U.S. Open ticket, a hacker would know that this kind of email is how they could fool you into sharing your banking and personal information. In my own case, if a bad actor tailored their phishing email based on orange-cat fostering opportunities, I might be more likely to click than I would on a different scam email. So maybe you, like me, should think twice about using this trend to share a hobby or interest that is uniquely yours on a large networking platform like LinkedIn, a site job scammers are known to frequent. The other potential data risk is how ChatGPT, or any tool that generates images through AI, will take your photo and store and use it for future model retraining, said Jennifer King, a privacy and data policy fellow at the Stanford University Institute for Human-Centered Artificial Intelligence. She noted that with OpenAI, the developer of ChatGPT, you must affirmatively choose to opt out and tell the tool to 'not train on my content,' so that anything you type or upload into ChatGPT will not be used for future training purposes. But many people will likely stick to the default of not disabling this feature, because they do not fully understand it's an option, Chronister said. Why could it be bad to share your images with OpenAI? The long-term implications of OpenAI training a model on your image are still unknown, and that in itself could be a privacy concern. OpenAI states on its site: 'We don't use your content to market our services or create advertising profiles of you — we use it to make our models more helpful.' But what kind of future help your images are going toward is not explicitly detailed. 'The problem is that you just don't really know what happens after you share the data,' King said. Ask yourself 'whether you are comfortable helping Open AI build and monetize these tools. Some people will be fine with this, others not,' King said. Chronister called the AI doll trend a 'slippery slope' because it normalizes sharing your personal information with companies like OpenAI. You may think, 'What's a little more data?' and one day in the near future, you are sharing something about yourself that is best kept private, he said. Thinking about these privacy implications interrupts the fun of seeing yourself as an action figure. But it's the kind of risk calculus that keeps you safer online. Are You Being 'Spoofed'? This Specific Type Of Scam Is Hard To Catch. If You Suspect You Are On A Scam Call, Do NOT Say This 1 Word What Those 'Hello' Scam Texts Everyone Is Getting Are REALLY About


Chicago Tribune
24-03-2025
- Business
- Chicago Tribune
Tax season is a prime time for scams. IRS uncertainty could add to the issues this year
NEW YORK — There's a lot of information (and money) on the table during tax season. That also makes it a prime time for scams. Year-round, fraudsters may use a handful of common tactics to try to steal your identity, money or other sensitive information. As you prepare your annual tax return, due April 15, experts stress it's important to be extra vigilant. This year, scammers might take particular advantage of uncertainty stemming from recent workforce cuts impacting thousands of jobs at the U.S. Internal Revenue Service. These layoffs and the potential for even more widespread reductions also raise questions about resources, including the IRS's bandwidth to respond to scams reported by consumers. Here's what to know about tax scams and how to stay safe: Identify the signs of tax scams Tax scammers may try to reach you in a number of different ways — from lookalike emails, texts or phone calls impersonating the IRS to unsolicited social media offers that promise a suspiciously high refund. But there are a handful of common red flags to keep an eye out for, including: — Sense of urgency — Isolation tactics or threats — Promises of a big payday — Suspicious website links Cybersecurity experts stress that scammers prey on emotion — and will often try to evoke fear or uncertainty. Many tax scams will ask you to act fast or click on a malicious link right away. Others will make you think you did something wrong, going as far as threatening an arrest if you don't respond. Scammers may also isolate you from contacting others, such as a trusted accounting professional or even a family member. Many tax scams also advertise big payouts, but at a price. Some 'ghost' preparers, for example, will charge you for preparing your tax return — often with promises of maximizing your refund — but never sign it. They may then file a fraudulent return in your name, with an inflated income or fake deductions to boost the refund, and switch the bank account listed to claim your money. The IRS will never initiate contact via email, text or social media with requests for your personal information — and urges consumers to only use trusted, accredited tax professionals if you need help preparing your return. Those who have fallen victim to scams are also encouraged to report them. You can find more information on the agency's official website. What's different this year? Tax scams can be all the more convincing if they meet the moment. And this year, experts warn that cyber criminals or 'social engineers' might take particular advantage of uncertainty around the IRS cuts. 'Uncertainty is probably one of the biggest motivating emotions that social engineers take advantage of,' said Dave Chronister, a prominent 'ethical hacker' and CEO of Parameter Security, noting that scammers might use news of these cuts and impersonate the IRS to falsely promise taxpayers 'new' ways of filing. Similar tactics emerged during the height of the COVID-19 pandemic and following legitimate rounds of federal aid — with some scammers making false claims about additional stimulus checks, for example. All it takes is just 'a little bit of common knowledge' to 'nudge you' into trusting them, Chronister explains. Beyond how scammers use the news, the IRS workforce cuts could slow the agency's ability to actually respond to scams, Chronister and others note. As a result, malicious websites or predatory social media campaigns may not be taken down as quickly — and victims of fraudulent returns could have to wait longer for answers. 'There is potential for reduced oversight,' said Chris Pierson, chief executive of cybersecurity firm BlackCloak. 'If you have less individuals to be proactive within an agency that is housing, I mean, an amazing treasure trove of data and information — that obviously is concerning … (and could) create a riskier environment for the consumer.' Asked for comment, the IRS pointed to its 'Dirty Dozen' list of common tax scams to watch out for this year, among other steps taxpayers can take to protect themselves from identity theft and fraud. But the agency did not immediately comment on whether recent or future workforce cuts would impact its enforcement resources. Scams are also becoming more sophisticated, most recently thanks to the rising adoption of generative artificial intelligence. Experts warn that this technology is being used create 'hyper-realistic' phishing messages, including video or audio deepfakes, and can allow scammers to target more people at once through automation. Pierson also warns of the fallout from recent high-profile data breaches — including the National Public Data breach, which made headlines last year for reportedly leaking a massive amount of sensitive information on the dark web, including full names, social security numbers, contact information and mailing addresses. Having that information out there could lead to more fraudulent filings, he explains, or 'confidence scams' — where cyber criminals share one piece of information they have, like an address, to get people to trust them and share more. How can I protect my information and money? File as soon as you can. Nobody is eager to sit down and do their taxes, but getting it out of the way early — and before any scammers potentially try to file something in your name — makes a huge difference, Chronister explains. He adds that taxpayers can play it safe by sticking to what they know. 'If you've always been using TurboTax, use TurboTax. If you always use an accountant, use your accountant,' Chronister said. He notes that you should also keep your information safe by password-protecting any past filings downloaded to your device and using a VPN when on public Wi-Fi. The IRS also suggests setting up an identity protection PIN, a six-digit number that can help protect you from someone else filing in your name. You can also freeze your credit — which experts recommend as an added line of defense against future identity theft and fraud, even if you haven't been scammed. Freezing your credit prevents any new credit accounts from being created in your name. And you can always temporarily 'unfreeze' if a check is needed to rent an apartment or apply for a loan. Credit freezes can be set up through three nationwide credit bureaus: Equifax, Experian and TransUnion. And, again, remember that the IRS won't randomly contact you by email, text or phone. When in doubt, go to the official IRS website and reach out directly. Avoiding scams can also come down to pausing before you click or act on anything. 'Take a breath, count to 10 and then go, 'OK … is this too good to be true?'' Chronister sad. ''Is my gut telling me something is off?'' Chronister adds that social engineering is about emotion, not intelligence — and anyone can fall for it. 'It's human to fall for these (scams),' he said. 'They've been here since the beginning of mankind … So you have to stay vigilant, but don't panic. Just keep your gut check going.'
Yahoo
24-03-2025
- Business
- Yahoo
Tax season is a prime time for scams. IRS uncertainty could add to the issues this year
NEW YORK (AP) — There's a lot of information (and money) on the table during tax season. That also makes it a prime time for scams. Year-round, fraudsters may use a handful of common tactics to try to steal your identity, money or other sensitive information. As you prepare your annual tax return, due April 15, experts stress it's important to be extra vigilant. This year, scammers might take particular advantage of uncertainty stemming from recent workforce cuts impacting thousands of jobs at the U.S. Internal Revenue Service. These layoffs and the potential for even more widespread reductions also raise questions about resources, including the IRS's bandwidth to respond to scams reported by consumers. Here's what to know about tax scams and how to stay safe: Identify the signs of tax scams Tax scammers may try to reach you in a number of different ways — from lookalike emails, texts or phone calls impersonating the IRS to unsolicited social media offers that promise a suspiciously high refund. But there are a handful of common red flags to keep an eye out for, including: — Sense of urgency — Isolation tactics or threats — Promises of a big payday — Suspicious website links Cybersecurity experts stress that scammers prey on emotion — and will often try to evoke fear or uncertainty. Many tax scams will ask you to act fast or click on a malicious link right away. Others will make you think you did something wrong, going as far as threatening an arrest if you don't respond. Scammers may also isolate you from contacting others, such as a trusted accounting professional or even a family member. Many tax scams also advertise big payouts, but at a price. Some "ghost' preparers, for example, will charge you for preparing your tax return — often with promises of maximizing your refund — but never sign it. They may then file a fraudulent return in your name, with an inflated income or fake deductions to boost the refund, and switch the bank account listed to claim your money. The IRS will never initiate contact via email, text or social media with requests for your personal information — and urges consumers to only use trusted, accredited tax professionals if you need help preparing your return. Those who have fallen victim to scams are also encouraged to report them. You can find more information on the agency's official website. What's different this year? Tax scams can be all the more convincing if they meet the moment. And this year, experts warn that cyber criminals or 'social engineers' might take particular advantage of uncertainty around the IRS cuts. 'Uncertainty is probably one of the biggest motivating emotions that social engineers take advantage of,' said Dave Chronister, a prominent 'ethical hacker' and CEO of Parameter Security, noting that scammers might use news of these cuts and impersonate the IRS to falsely promise taxpayers 'new' ways of filing. Similar tactics emerged during the height of the COVID-19 pandemic and following legitimate rounds of federal aid — with some scammers making false claims about additional stimulus checks, for example. All it takes is just 'a little bit of common knowledge' to 'nudge you' into trusting them, Chronister explains. Beyond how scammers use the news, the IRS workforce cuts could slow the agency's ability to actually respond to scams, Chronister and others note. As a result, malicious websites or predatory social media campaigns may not be taken down as quickly — and victims of fraudulent returns could have to wait longer for answers. 'There is potential for reduced oversight,' said Chris Pierson, chief executive of cybersecurity firm BlackCloak. 'If you have less individuals to be proactive within an agency that is housing, I mean, an amazing treasure trove of data and information — that obviously is concerning ... (and could) create a riskier environment for the consumer.' Asked for comment, the IRS pointed to its 'Dirty Dozen' list of common tax scams to watch out for this year, among other steps taxpayers can take to protect themselves from identity theft and fraud. But the agency did not immediately comment on whether recent or future workforce cuts would impact its enforcement resources. Scams are also becoming more sophisticated, most recently thanks to the rising adoption of generative artificial intelligence. Experts warn that this technology is being used create 'hyper-realistic' phishing messages, including video or audio deepfakes, and can allow scammers to target more people at once through automation. Pierson also warns of the fallout from recent high-profile data breaches — including the National Public Data breach, which made headlines last year for reportedly leaking a massive amount of sensitive information on the dark web, including full names, social security numbers, contact information and mailing addresses. Having that information out there could lead to more fraudulent filings, he explains, or 'confidence scams" — where cyber criminals share one piece of information they have, like an address, to get people to trust them and share more. How can I protect my information and money? File as soon as you can. Nobody is eager to sit down and do their taxes, but getting it out of the way early — and before any scammers potentially try to file something in your name — makes a huge difference, Chronister explains. He adds that taxpayers can play it safe by sticking to what they know. 'If you've always been using TurboTax, use TurboTax. If you always use an accountant, use your accountant," Chronister said. He notes that you should also keep your information safe by password-protecting any past filings downloaded to your device and using a VPN when on public Wi-Fi. The IRS also suggests setting up an identity protection PIN, a six-digit number that can help protect you from someone else filing in your name. You can also freeze your credit — which experts recommend as an added line of defense against future identity theft and fraud, even if you haven't been scammed. Freezing your credit prevents any new credit accounts from being created in your name. And you can always temporarily 'unfreeze' if a check is needed to rent an apartment or apply for a loan. Credit freezes can be set up through three nationwide credit bureaus: Equifax, Experian and TransUnion. And, again, remember that the IRS won't randomly contact you by email, text or phone. When in doubt, go to the official IRS website and reach out directly. Avoiding scams can also come down to pausing before you click or act on anything. 'Take a breath, count to 10 and then go, 'OK ... is this too good to be true?'" Chronister sad. "'Is my gut telling me something is off?'' Chronister adds that social engineering is about emotion, not intelligence — and anyone can fall for it. 'It's human to fall for these (scams)," he said. "They've been here since the beginning of mankind ... So you have to stay vigilant, but don't panic. Just keep your gut check going.'


The Independent
24-03-2025
- Business
- The Independent
Tax season is a prime time for scams. IRS uncertainty could add to the issues this year
There's a lot of information (and money) on the table during tax season. That also makes it a prime time for scams. Year-round, fraudsters may use a handful of common tactics to try to steal your identity, money or other sensitive information. As you prepare your annual tax return, due April 15, experts stress it's important to be extra vigilant. This year, scammers might take particular advantage of uncertainty stemming from recent workforce cuts impacting thousands of jobs at the U.S. Internal Revenue Service. These layoffs and the potential for even more widespread reductions also raise questions about resources, including the IRS 's bandwidth to respond to scams reported by consumers. Here's what to know about tax scams and how to stay safe: Identify the signs of tax scams Tax scammers may try to reach you in a number of different ways — from lookalike emails, texts or phone calls impersonating the IRS to unsolicited social media offers that promise a suspiciously high refund. But there are a handful of common red flags to keep an eye out for, including: — Sense of urgency — Isolation tactics or threats — Promises of a big payday — Suspicious website links Cybersecurity experts stress that scammers prey on emotion — and will often try to evoke fear or uncertainty. Many tax scams will ask you to act fast or click on a malicious link right away. Others will make you think you did something wrong, going as far as threatening an arrest if you don't respond. Scammers may also isolate you from contacting others, such as a trusted accounting professional or even a family member. Many tax scams also advertise big payouts, but at a price. Some "ghost' preparers, for example, will charge you for preparing your tax return — often with promises of maximizing your refund — but never sign it. They may then file a fraudulent return in your name, with an inflated income or fake deductions to boost the refund, and switch the bank account listed to claim your money. The IRS will never initiate contact via email, text or social media with requests for your personal information — and urges consumers to only use trusted, accredited tax professionals if you need help preparing your return. Those who have fallen victim to scams are also encouraged to report them. You can find more information on the agency's official website. What's different this year? Tax scams can be all the more convincing if they meet the moment. And this year, experts warn that cyber criminals or 'social engineers' might take particular advantage of uncertainty around the IRS cuts. 'Uncertainty is probably one of the biggest motivating emotions that social engineers take advantage of,' said Dave Chronister, a prominent 'ethical hacker' and CEO of Parameter Security, noting that scammers might use news of these cuts and impersonate the IRS to falsely promise taxpayers 'new' ways of filing. Similar tactics emerged during the height of the COVID-19 pandemic and following legitimate rounds of federal aid — with some scammers making false claims about additional stimulus checks, for example. All it takes is just 'a little bit of common knowledge' to 'nudge you' into trusting them, Chronister explains. Beyond how scammers use the news, the IRS workforce cuts could slow the agency's ability to actually respond to scams, Chronister and others note. As a result, malicious websites or predatory social media campaigns may not be taken down as quickly — and victims of fraudulent returns could have to wait longer for answers. 'There is potential for reduced oversight,' said Chris Pierson, chief executive of cybersecurity firm BlackCloak. 'If you have less individuals to be proactive within an agency that is housing, I mean, an amazing treasure trove of data and information — that obviously is concerning ... (and could) create a riskier environment for the consumer.' Asked for comment, the IRS pointed to its 'Dirty Dozen' list of common tax scams to watch out for this year, among other steps taxpayers can take to protect themselves from identity theft and fraud. But the agency did not immediately comment on whether recent or future workforce cuts would impact its enforcement resources. Scams are also becoming more sophisticated, most recently thanks to the rising adoption of generative artificial intelligence. Experts warn that this technology is being used create 'hyper-realistic' phishing messages, including video or audio deepfakes, and can allow scammers to target more people at once through automation. Pierson also warns of the fallout from recent high-profile data breaches — including the National Public Data breach, which made headlines last year for reportedly leaking a massive amount of sensitive information on the dark web, including full names, social security numbers, contact information and mailing addresses. Having that information out there could lead to more fraudulent filings, he explains, or 'confidence scams" — where cyber criminals share one piece of information they have, like an address, to get people to trust them and share more. How can I protect my information and money? File as soon as you can. Nobody is eager to sit down and do their taxes, but getting it out of the way early — and before any scammers potentially try to file something in your name — makes a huge difference, Chronister explains. He adds that taxpayers can play it safe by sticking to what they know. 'If you've always been using TurboTax, use TurboTax. If you always use an accountant, use your accountant," Chronister said. He notes that you should also keep your information safe by password-protecting any past filings downloaded to your device and using a VPN when on public Wi-Fi. The IRS also suggests setting up an identity protection PIN, a six-digit number that can help protect you from someone else filing in your name. You can also freeze your credit — which experts recommend as an added line of defense against future identity theft and fraud, even if you haven't been scammed. Freezing your credit prevents any new credit accounts from being created in your name. And you can always temporarily 'unfreeze' if a check is needed to rent an apartment or apply for a loan. Credit freezes can be set up through three nationwide credit bureaus: Equifax, Experian and TransUnion. And, again, remember that the IRS won't randomly contact you by email, text or phone. When in doubt, go to the official IRS website and reach out directly. Avoiding scams can also come down to pausing before you click or act on anything. 'Take a breath, count to 10 and then go, 'OK ... is this too good to be true?'" Chronister sad. "'Is my gut telling me something is off?'' Chronister adds that social engineering is about emotion, not intelligence — and anyone can fall for it. 'It's human to fall for these (scams)," he said. "They've been here since the beginning of mankind ... So you have to stay vigilant, but don't panic. Just keep your gut check going.'