Canadian Cyber Security Journal
Filed under: Featured, News, Trends

Is ChatGPT Safe? 6 Cybersecurity Risks of OpenAI’s Chatbot

Although many digital natives praise ChatGPT, some fear it does more harm than good. News reports about crooks hijacking AI have been making rounds on the internet, increasing unease among skeptics. They even consider ChatGPT a dangerous tool.

AI chatbots aren’t perfect, but you don’t have to avoid them altogether. Here’s everything you should know about how crooks abuse ChatGPT and what you can do to stop them.

Will ChatGPT Compromise Your Personal Information?

Most front-end security concerns about ChatGPT stem from speculations and unverified reports. The platform only launched in November 2022, after all. It’s natural for new users to have misconceptions about the privacy and security of unfamiliar tools.

According to OpenAI’s terms of use, here’s how ChatGPT handles the following data:

Personally Identifiable Information

Rumors say that ChatGPT sells personally identifiable information (PII).

The platform was launched by OpenAI, a reputable AI research lab funded by tech investors like Microsoft and Elon Musk. ChatGPT should only use customer data to provide the services stated in the privacy policy.

Moreover, ChatGPT asks for minimal information. You can create an account with just your name and email address.


OpenAI keeps ChatGPT conversations secure, but it reserves the right to monitor them. AI trainers continuously look for areas of improvement. Since the platform comprises vast yet limited datasets, resolving errors, bugs, and vulnerabilities requires system-wide updates.

However, OpenAI can only monitor convos for research purposes. Distributing or selling them to third parties violates its own terms of use.

Public Information

According to the BBC, OpenAI trained ChaGPT on 300 billion words. It collects data from public web pages, like social media platforms, business websites, and comment sections. Unless you’ve gone off the grid and erased your digital footprint, ChatGPT likely has your information.

What Security Risks Does ChatGPT Present?

While ChatGPT isn’t inherently dangerous, the platform still presents security risks. Crooks can bypass restrictions to execute various cyberattacks.

1. Convincing Phishing Emails

Instead of spending hours writing emails, crooks use ChatGPT. It’s fast and accurate. Advanced language models (such as GPT-3.5 and GPT-4) can produce hundreds of coherent, convincing phishing emails within minutes. They even adopt unique tones and writing styles.

Since ChatGPT makes it harder to spot hacking attempts, take extra care before answering emails. As a general rule, avoid divulging information. Note that legitimate companies and organizations rarely ask for confidential PII through random emails.

Learn to spot hacking attempts. Although email providers filter spam messages, some crafty ones could fall through the cracks. You should still know what phishing messages look like.

2. Data Theft

ChatGPT uses an open-source LLM, which anyone can modify. Coders proficient in large language models (LLM) and machine learning often integrate pre-trained AI models into their legacy systems. Training AI on new datasets alters functionality. For instance, ChatGPT becomes a pseudo-fitness expert if you feed it recipes and exercise routines.

Although collaborative and convenient, open-sourcing leaves technologies vulnerable to abuse. Skilled criminals already exploit ChatGPT. They train it on large volumes of stolen data, turning the platform into a personal database for fraud.

Remember: you have no control over how crooks operate. The best approach is to contact the Federal Trade Commission (FTC) once you notice signs of identity theft.

3. Malware Production

ChatGPT writes usable code snippets in different programming languages. Most samples require minimal modifications to function properly, especially if you structure a concise prompt. You could leverage this feature to develop apps and sites.

Since ChatGPT was trained on billions of datasets, it also knows illicit practices, like developing malware and viruses. OpenAI prohibits chatbots from writing malicious codes. But crooks bypass these restrictions by restructuring prompts and asking precise questions.

4. Intellectual Property Theft

Unethical bloggers spin content using ChatGPT. Since the platform runs on advanced LLMs, it can quickly rephrase thousands of words an avoid plagiarism tags.

ChatGPT rephrased the below text in 10 seconds.

Of course, spinning still classifies as plagiarism. Paraphrased AI articles sometimes rank by chance, but Google generally prefers original content from reputable sources. Cheap tricks and SEO hacks can’t beat high-quality, evergreen writing.

Enjoy this article? Don’t forget to share.