Can You Trust Open AI’s New ChatGPT Atlas Browser?

This week on The Awareness Angle:

ChatGPT’s new browser – OpenAI launches ChatGPT Atlas, a privacy-questionable browser that remembers everything you do online.
Deepfake politics – A fake video of UK MP George Freeman “defecting” to another party sparks fresh concern over AI-generated misinformation.
Reddit’s security pulse – Practitioners report a huge surge in phishing and social engineering attacks, with some seeing incidents up 70%

Also this week, YouTube rolls out likeness detection to help creators spot AI fakes, Muji is hit by ransomware, and a man is jailed for spamming commuters with phishing texts on the London Underground.

Listen on your favourite podcast platform - Spotify, Apple Podcasts and YouTube

Listen Now

Podcast · Risky Creative

Cyber Security Awareness Month Draws To A Close...

As Cyber Security Awareness Month draws to a close, there’s still time to grab the short, snappy videos we’ve created with Hoxhunt this year. Each one is just one to two minutes long and covers social engineering in messaging apps, the psychology behind persuasion, how AI is powering spear phishing, and how to spot deepfakes.

They’re quick, practical, and perfect for sharing with colleagues, friends, or family. Most importantly, they work just as well year-round. You can grab them directly from the Hoxhunt toolkit, and unbranded versions are available if you’d like to include them in your own awareness programme.

Suppose you’re looking for something more tailored. In that case, Risky Creative also produces bespoke awareness content, from short explainer videos and campaign messaging to full culture or training series built around your people. Whether you need a one-off video or a complete content plan, reach out, and we’ll help you create something that fits your team perfectly.

Get the toolkit here - https://hoxhunt.com/cybersecurity-awareness-month-toolkit-2025

This week's stories...

ChatGPT Atlas Browser Raises Privacy Alarms

Watch the discussion - https://youtu.be/I0DdZsDo2pg?t=1052

OpenAI has launched ChatGPT Atlas, a new AI-powered browser that wants to “help you browse smarter.” It doesn’t just search. It watches, remembers, and acts. The browser records every site you visit, tracks how you interact with them, and builds memories to “personalise” your experience. It can even open pages, fill out forms, or make purchases automatically through something called Agent Mode.

Sounds useful, until you realise it’s also creating a complete behavioural profile of you. As Luke said on the show, “It’s bad enough managing normal browser risks. This just adds another layer of exposure.”

Proton’s researchers warned that even when you delete your data, the AI’s understanding of you remains. It’s like clearing your search history while the system keeps your psychological footprint. And if people start using this for work, banking, or private logins, that’s a serious problem waiting to happen.

∠The Awareness Angle

Total Recall – Atlas doesn’t just save history, it learns your habits and inferences. It knows what you look at, how long you look, and why.
Convenience Comes at a Cost – Giving an AI control to “act on your behalf” can lead to accidental oversharing or data loss.
Think Before You Browse – Until privacy controls catch up, keep sensitive browsing out of AI-driven tools like this.

“Anyone Else Seeing a Huge Influx in Attacks?”

Watch the discussion - https://youtu.be/I0DdZsDo2pg?t=1670

A post on the r/cybersecurity subreddit went viral this week after one user asked if anyone else had noticed a sudden surge in phishing and social engineering attempts. The thread exploded with replies from security teams around the world, many reporting increases of 40 to 70% in targeted attacks over the past two months.

One mid-size company said they’re seeing “phishing attempts every five minutes” from new IPs, while others suggested the spike might be linked to the Salesforce data leak, with attackers using exposed contact data to reach more businesses.

Ant discussed on the show how this thread highlights what’s really happening on the front line. These aren’t vendor reports or security briefings, they’re real practitioners sharing what they’re seeing day to day. One Reddit user summed it up perfectly: “It’s like we’re fighting off twice the number of attacks with the same size team.”

∠The Awareness Angle

Everyone’s Feeling It – Security teams everywhere are reporting a major uptick in phishing and smishing attempts.
Real Voices, Not Vendors – These aren’t stats from a glossy report, they’re stories from practitioners in the field.
Culture Matters – When your defenders are stretched, awareness and calm user behaviour become your biggest safety net.

Do you have something you would like us to talk about? Are you struggling to solve a problem, or have you had an awesome success? Reply to this email telling us your story, and we might cover it in the next episode!

Awareness Awareness

Security Champions Research Project – Last Chance to Take Part

If you run or support a Security Champions or Ambassador Programme, this is your last chance to share your experience. The team at Layer 8 are wrapping up their open-source research project to understand what makes these programmes work in practice.

They’re collecting real insight from awareness professionals around the world, exploring what successful programmes have in common, how impact is measured, and what results teams are seeing on the ground. The goal is to create a shared, open dataset that helps everyone in the community build stronger, more effective champion networks.

Ant mentioned on the show how valuable projects like this are for awareness professionals who want to benchmark what actually works, not just what looks good on paper. Your contribution is anonymous and only takes a few minutes to complete, but it could make a big difference to how we all shape these programmes in future.

https://layer8champions.scoreapp.com/

Watch the discussion – https://youtu.be/I0DdZsDo2pg?t=2185

Human Firewall Conference

The Human Firewall Conference (HuFiCon) takes place next week in Cologne, bringing together awareness professionals, behaviour experts, and security leaders from across Europe. Hosted by SoSafe, it’s all about the human side of cyber, how we engage, motivate, and influence secure behaviour at scale.

Ant will be there as part of the speaker line-up, joining a session focused on turning people into cyber heroes. Expect creative talks, interactive sessions, and a big focus on behaviour, communication, and culture.

If you work anywhere near human risk, awareness, or engagement, this is one to follow, and the sessions will also be available on demand after the event.

Watch the discussion - https://youtu.be/I0DdZsDo2pg?t=2246

Go Phish Podcast – Talking Creativity, Honesty and Human Risk

Now, this was a fun chat! Dan asked me to join him on the Go Phish podcast to talk about keeping things simple, fun and honest in security awareness.

I first came across Dan on LinkedIn earlier this year. His raw, no-nonsense approach to awareness really resonated with me, so it was great to finally sit down and talk it all through.

We talked about storytelling, gamification, culture, creativity and the future of behaviour-driven security.

In a couple of weeks, you’ll get to see what happens when we swap places and I ask the questions.

Watch the chat - https://youtu.be/I0DdZsDo2pg?t=1994

This Week's Discussion Points...

Main Stories

Auction giant Sotheby’s says data breach exposed financial information – Bleeping Computer
Watch | Read

Muji's minimalist calm shattered as ransomware takes down logistics partner – The Register
Watch | Read

JLR hack 'is costliest cyber attack in UK history' – BBC News
Watch | Read

Tory MP George Freeman reports deepfake defection video to police – BBC News
Watch | Read

YouTube’s likeness detection has arrived to help stop AI doppelgängers – Ars Technica
Watch | Read

Whisper 2FA Behind One Million Phishing Attempts Since July – Infosecurity Magazine
Watch | Read

Threat Spotlight: Unpacking a stealthy new phishing kit targeting Microsoft 365 – Barracuda
Watch | Read

Is ChatGPT Atlas safe? What to know about its privacy risks before you use it – Proton
Watch | Read

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped – The Hacker News
Watch | Read

Awareness Awareness

Anyone else seeing a large influx in attacks? – Reddit /r/cybersecurity
Watch | Read

Go Phish Podcast with Dan Thornton – GoldPhish
Watch | Read

Community & Events

Security Champions Research Project – Layer 8
Watch | Read

HuFiCon 2025 (Cologne, Germany) – The Human Firewall Conference
Watch | Read

Ant’s Topics

Microsoft Phishing Email Example – Reddit
Watch | Read

Why Are Hyperlinks Blue? – Instagram
Watch | Read

OpenAI’s Brand Campaign Made Without AI – Instagram
Watch | Read

Pistachio – Cyber Security Awareness Platform – Pistachio
Watch | Read

Luke’s Topics

Latvian Police Seize 40,000 SIM Cards Linked to Cyber Fraud – TikTok
Watch | Read

AI Preacher Video and Sora Watermark Detection – TikTok
Watch | Read

Ryan Gosling Phishing Simulation Meme – TikTok
Watch | Read

Subscribe to the Newsletter

https://www.riskycreative.com

Thanks for reading! If you’ve spotted something interesting in the world of cyber this week — a breach, a tool, or just something a bit weird — let us know at hello@riskycreative.com. We’re always learning, and your input helps shape future episodes.

And finally…OpenAI’s “No AI” Brand Campaign

Watch the discussion - https://youtu.be/I0DdZsDo2pg?t=2821

OpenAI has launched its first ever brand campaign, but in a twist that caught everyone’s attention, it wasn’t made with AI at all. The advert, which shows moments of human creativity and connection, was filmed on 35mm film using traditional production methods.

Crucially, the campaign was made almost entirely by people. The team at OpenAI said: “Human craft was central to the campaign’s creation. Every frame was shot on film, shaped by directors, photographers, producers and many more masters of craft.” ChatGPT did have a small part to play as a “behind the scenes co-creator … streamlining shot lists and organising schedules.”

After months of AI-generated ads flooding social media, OpenAI went in the opposite direction, proving that even the biggest AI company understands the value of something real. Ant said on the show that sometimes it’s not about showing off what tech can do, but about creating something that still feels human.

Watch the video - https://www.instagram.com/reel/DPT52yHgKVj/?igsh=MTE1ZndiYnFlbWpjdQ%3D%3D

∠The Awareness Angle

Authenticity Wins – People connect more with honesty and imperfection than with synthetic perfection.
Human Still Matters – Even AI giants know real storytelling needs human emotion.
Remember the Message – The tools are only part of it, what people take away is what counts.