When you hear news about AI, it might be easy to assume it has nothing to do with you. You might imagine artificial intelligence is only something big tech giants are focused on, and that AI doesn’t impact your everyday life.
In reality, artificial intelligence is encountered by most people from morning until night; from Google searches to voice assistants (Siri, Google, Alexa), to digital recommendations (Amazon, Netflix) and anything in between!
One of the most popular recent trends has been generative AI (Chat-GPT, Google Bard, etc.). Using these tools can help spark creativity and make our lives easier and more productive. However, there are important considerations to keep in mind when using these tools including information security, data privacy, regulatory compliance, copyright, and academic integrity.
Here are some best practices when using generative AI tools.
Protect confidential data: You should never enter confidential or private data, including PII data (name, address, birth date, social security number, etc.), into publicly available generative AI tools for work or personal use. AI tools do not provide any expectation of privacy or confidentiality for any information used as input or prompt. When possible, users should opt out of permitting the use of entered data for learning/training models.
Be alert for AI-enabled phishing: Generative AI has made it easier for malicious actors to create sophisticated scams at a far greater scale.
- Deepfakes – a video of a person in which their face or body has been digitally altered so that they appear to be someone else, typically used maliciously or to spread false information.
- Voice impersonation (vishing) – With AI impersonation technology, hackers can create convincing fake personas that can be used to carry out a range of nefarious activities, including vishing attacks. Vishing attacks can be particularly effective, as they can be used to trick targets into divulging sensitive information.
- Malware – Hackers can use AI tools to create malicious code to steal data, infect your computer, or hack into your social media and bank accounts.
Always be vigilant and skeptical of unsolicited phone calls, emails, or social media requests, especially if they request sensitive information. When in doubt, always verify the authenticity of the communication with the organization or person in question.