3 Steps to Protect Yourself from Malicious Chatbots

3 Steps to Protect Yourself from Malicious Chatbots

Markus Melin

Head of Tieto Security Services at Tieto

Views 438

3 Steps to Protect Yourself from Malicious Chatbots

05.01.2017 09:00 am

In my earlier blog about chatbot security I laid out a troubling question: Why should we worry about chatbots? They are such a new phenomenon that we don't have enough information yet to fully estimate the threats they pose to security.

It's also reasonable to ask what all the fuzz is about and think that chatbots are just another internet hype.

I’m not a fortune teller, but it is important to understand the context where chatbots can – and most likely will – flourish. The way people use social media is changing: Today, we spend more time on messaging apps than on social networks. It’s clear that more services such as chatbots will be developed to complement the messaging apps.

The flip side is that with chatbots you should take extra caution with security. This is how to do it:

1. Collect data the right way

The intelligence of chatbots rests very much on their learning capabilities. The more they know about the user, the more personalised service they can offer. This means that they have to collect data.

For security reasons, especially inside enterprise networks, it’s important to know the following:

- What data is collected?
- Where is it stored?
- How long is it stored?
- Who else has access to my data?

2. Encrypt with caution

Communication on chatbots should be encrypted to make sure the information can’t be accessed from outside. With public channels, this is an obvious risk. Last summer, Facebook started to test end-to-end encryption.

While encryption is recommendable, it introduces new problems. Could a chatbot be utilised as a new channel to spread malware, nicely hidden under encryption? Could it be a command and control channel for malware or botnets?

Still, there are more obvious advantages than downsides to encrypting chatbot conversations. 

3. Don't trust the good looks

Chatbots present similar security challenges as email, for which we already have effective remedies.

Most email clients are quite good in detecting phishing email and sending it directly to junk mail. Some bad emails still make it to our mailboxes but luckily we are quite adept at detecting them and know not to click those nasty links, just as I wrote in my earlier blog post.

With chatbots the reality is totally different. They are still so new that technology isn’t able to detect malicious bots accurately. We must do the job ourselves.

When using chatbots in your messaging applications, take extra caution. Don’t automatically give your personal information, especially credit card info, to a friendly-looking chatbot.

Read more about our approach to security in our whitepaper.

Latest blogs

N/A ReliaMax

College Dreams? Here’s How to Get Accepted

Higher education in the United States is not just about getting accepted, it is about where you get accepted. Sure, there are options, there are seemingly endless options - from community colleges to Ivy League schools and everything in between. The Read more »

Bobby Gill GCWealth

Bobby Gill: 3 Ways Fintech is Helping Small Businesses During the Pandemic

Image Source: Pixabay. Back in April, the US oil prices sank to a 20-year low. In the UK, road traffic levels hit a 70-year low. Worldwide, due to lockdown, retail, travel, and restaurant bookings have dropped by 85%. More than 430 million Read more »

Christa Ardley Bitstocks

Bitcoin and blockchain without the b******t

An industry once viewed by the general populace as a haven for criminals and online scammers, and still somewhat marred by fractious in-fighting, Bitcoin and blockchain are gradually casting off their outdated negative reputation; as the focus Read more »

Otabek Nuritdinov Safenetpay

Beyond Payments Services

    Why it really matters for small for medium-sized enterprise (SMEs) to choose the right payments services provider. Strategic planners in the financial services sector often define their business in terms of products that Read more »

Chak Kolli DXC Technology

How Can Insurers Realise the True Value of AI?

As Artificial Intelligence (AI) and digital transformation find their way into every aspect of our daily lives, we are gradually seeing changes taking place in different sectors. Progressively, AI is permeating the insurance value chain and it is Read more »

Related Blogs

Gabriel Leperlier Verizon Enterprise Solutions

Why is Payment Security Compliance Declining with only 1 in 3 Companies Globally Making the Grade?

When companies are attacked, personal and financial customer information from payment card data is often the target. The Payment Card Industry Data Security Standard (PCI DSS) was designed to help protect payment data from the point of purchase and Read more »

Alan Stewart-Brown Opengear

Security Challenges for Financial Institutions – How Smart Out-of-Band (OOB) Management Keeps Networks Up and Running

Information technology and telecommunications are fundamental to service delivery in financial institutions today. Firms are increasingly reliant on IT networks to deliver core services but this can leave them vulnerable to ever-expanding security Read more »

Ali Raza Financial Software Systems

The Best of both Worlds: Security and User Experience

Globally e-commerce is booming. According to industry estimates digital commerce is projected to grow at a 20% CAGR to reach $5.8 trillion by 2022.  At the same time fraud losses are mounting. Read more »

Jason Tooley Veridium

Retailers Focus on Security to Avoid Becoming Another High Street Casualty

There is a consistent pattern of disruption in most industries, and surviving in the face of this rising tide means embracing the change, not fighting it. 68 per cent of c-level executives expect their industry to be significantly disrupted by new Read more »

Paul Hampton Thales

Going back to basics will solve a security headache for financial firms

With reports of new data breaches hitting the news every day, you might be surprised to hear that spending on cyber-security is at an all-time high. However, as these attacks become more sophisticated, much of this spend has been focused on Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel