Fake ChatGPT extension can call the Facebook API to steal a victim’s account details

Palo Alto Networks has released research from its threat intelligence team Unit 42 on how the increasing popularity of generative AI has led to a surge in scams themed around ChatGPT. The study sheds light on the diverse tactics employed by scammers to scam users into sharing confidential information or installing malicious software. The research also provides concrete instances and case studies to demonstrate these methods.

Unit 42 looked at a number of phishing URLs that pretended to be the official OpenAI website. The scammers behind such schemes typically create counterfeit websites that closely resemble the official ChatGPT website, with the intention of tricking users into downloading malicious software or disclosing private, confidential information. Even though OpenAI offers a free version of ChatGPT, scammers often mislead their victims into visiting fraudulent websites and paying for these services.

Key findings from the report include:

  • The fake AI ChatGPT extension can add a background script to the victims’ browser, that contains a highly obfuscated JavaScript. This Javascript calls the Facebook API to steal a victim’s account details, and it might get further access to their Facebook account.
  • Between November 2022-April 2023, Unit 42 observed an increase of 910% in monthly registrations for domains related to ChatGPT
  • There were more than 100 daily detections of ChatGPT-related malicious URLs captured from traffic seen in the Palo Alto Networks Advanced URL Filtering system
  • In the same timeframe, the team observed nearly 18,000% growth of squatting domains from DNS security logs
  • Unit 42 observed multiple phishing URLs attempting to impersonate official OpenAI sites. Typically, scammers create a fake website that closely mimics the appearance of the ChatGPT official website, then trick users into downloading malware or sharing sensitive information.
  • Despite OpenAI giving users a free version of ChatGPT, scammers lead victims to fraudulent websites, claiming they need to pay for these services.

Related posts

Latest WSO2 API Management Products Help Enterprises to Manage AI APIs, Maximize Developer Productivity, and Future-Proof Their Deployments

JLL Falcon kicks off new era of AI-powered CRE innovation

Pure Storage Simplifies Cloud Migrations for Enterprise-scale VMware Environments on Microsoft Azure

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More