Kennedy Njenga
Abstract
The work reflects on how ChatGPT can be used to develop a phishing campaign that may lead to a successful phishing attack. By employing a design science research (DSR) approach and through a ‘conversation’ with ChatGPT, a phishing framework anchored on a fictitious website and email was developed, showing the prowess of ChatGPT. Of concern to managers and information security practitioners of organisations operating in South Africa, the advent of ChatGPT has only complicated and exacerbated phishing campaigns in new ways. The implications for these developments are outlined in the main paper.