Cyber Analysis Group - CyberAGroup - OSINT Darkweb Investigations  - Insider Threat - Crypto - Online threat & exposure - SOCMINT - Canadian

‹ Back

At CyberAGroup, we embrace any tools or data, AI-powered or otherwise, that increase our productivity, capabilities, and accuracy. That said, we approach every tool and dataset cautiously and always attempt to verify any results.

Yesterday, after completing a summary of a company and its CEO for a client, I decided to see what the latest version of ChatGPT (GPT-4-turbo) could provide. Initially, I asked ChatGPT to “tell me about (name of the CEO) who lives in (a U.S. state).” ChatGPT was unable to identify the individual until I specified the CEO’s company and industry.

Once ChatGPT found the individual, it provided a very generic but accurate summary of the CEO. However, it then stated that the CEO was “also affiliated with” an industry-related group in the same state and proceeded to describe the group in detail.

"Wow," I thought. "How did we miss that affiliation in our deep dive using traditional tools and datasets? Have we overlooked other connections in previous cases by not using ChatGPT?"

After spending an hour investigating the “affiliated” group and trying to find any connection to the CEO, I was unsuccessful. The next step (which should have been my first), I asked ChatGPT the simple question: “How do you know the CEO is affiliated with that group?”

ChatGPT’s response amazed me: "I apologize for any confusion in my earlier responses. Upon reviewing the available information, I couldn't find verifiable sources confirming a direct connection between (the CEO) and (the group)…specific details linking (the CEO) to this community are not present in the provided sources."

To make matters worse, after admitting it had no basis for the claim, ChatGPT continued providing additional information about the group, seemingly in an attempt to convince me of the nonexistent affiliation.

The bright side? AI won’t be putting me out of a job… yet. This example reiterates a core principle of good OSINT: validation / verification of all sources is essential.