Palo Alto Networks: Scams with fake ChatGPT websites rise sharply


Palo Alto Networks: Scams with fake ChatGPT websites rise sharply

The cybersecurity firm filters an average of 118 malicious websites every day that try to exploit ChatGPT’s popularity

ChatGPT is one of the fastest-growing applications in the history of the internet, and that has obviously not escaped online scammers. Today, they are trying to exploit that popularity through all kinds of deceptive websites.

UNIT 42, the research group of Palo Alto Networks, saw an increase of no less than 910% in the number of domain name registrations linked to ChatGPT between November 2022 and April 2023. From all those new URLs, researchers filtered out an average of 118 malicious websites trying to abuse ChatGPT every day.

Fraud via fake ChatGPT websites

During the investigation, cyber experts discovered several URLs that sought to impersonate OpenAI’s official websites. Usually, this is how the scammers try to install malware or extract sensitive information from victims. Palo Alto Networks researchers also discovered a number of fraudulent ChatGPT websites where the criminals tried to convince visitors to leave their financial details for a fake paying service.

Example 1 of a fraudulent ChatGPT website. When victims click on the “DOWLOAD FOR WINDOWS” button, a Trojan is installed.

Example 2 of a fraudulent ChatGPT website. Victims are tricked into leaving their financial details.

Copycat chatbots

In addition to fraudulent fake ChatGPT websites, the UNIT 42 group also warns of so-called copycat chatbots. While some of these bots have developed their own language model, others claim to be built based on ChatGPT’s public code. This poses major risks as many of these apps cannot be verified. For example, some chatbots can track users’ questions and use that information for criminal activities. In addition, the bots’ answers can also be manipulated to spread false information, for example.

Example 3 of a fraudulent extension for Google Chrome. A script is installed that steals the victim’s Facebook data.

ChatGPT’s growing popularity will only create more fraud, warns UNIT 42. The research group therefore advises ChatGPT users to be extra careful with suspicious emails and links that refer to the popular chatbot. It is additionally advised to always surf directly to ChatGPT via OpenAI’s official website and not through third-party links.

Discover all the information in the blog.

About Palo Alto Networks

Palo Alto Networks is the world’s cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we’re committed to helping ensure each day is safer than the one before. It’s what makes us the cybersecurity partner of choice.