OpenAI Operator Agent Used in Phishing Attack Demo

Symantec researchers demonstrated how OpenAI’s Operator agent, an LLM-powered tool, can be used to construct a basic phishing attack with minimal prompt engineering. The agent successfully identified a Symantec employee, found their email address, drafted a PowerShell script, and sent a phishing email, highlighting the potential for increased cyberattacks with generative AI. While this specific attack required minimal intervention, it underscores the growing threat of AI-assisted attacks and the need for enhanced defenses.