ChatGPT, a consumer application developed by OpenAI, has experienced a record-breaking rise in user numbers since launch. This success has also brought along an unfortunate but expected consequence- an uptick in scams associated with the application.
From November 2022 to early April 2023, unit 42 researchers noticed a dramatic increase in the registration of domains associated with the application. This, along with the surge in newly-registered squatting domains, resulted in more than 118 daily detections of malicious URLs associated with ChatGPT. In addition, the launch of the OpenAI official API for ChatGPT on March 1, 2023 has led to further potentially dangerous scenarios as scammers attempt to exploit the growing popularity of the consumer app.
The research includes several case studies provided by experts to illustrate the various methods scammers have used to dupe users into downloading malware or sharing confidential information. Palo Alto Networks’ suite of security services – Advanced URL Filtering, DNS Security and WildFire – safely protect users from malicious ChatGPT-related scams.
When OpenAI announced the release of its ChatGPT, threat actors registered squatting domains and exploited the hype to launch fraudulent crypto-giveaway schemes and launch dangerous phishing scams. Some phishing attempts posed as legitimate OpenAI ChatGPT applications, others delivered malware disguised as innocuous downloads. Identity theft and financial fraud have also increased among unsuspecting users.
Copycat ChatGPT applications have also developed concurrently with the rise of the legitimate version. While some offer larger language models than the official apps, many could present a security risk to users. Some of these applications could collect sensitive inputs and deliver misleading information, while others might be proxies for services which are not available in certain countries and regions.
While the successes of OpenAI are well-deserved, it is important for users to stay vigilant as scammers take advantage of this newfound popularity. Advanced security software, like the one offered by Palo Alto Networks, can keep users safe from malicious attacks. App users should also be sure to download applications only from reliable and official sources and use a cautionary mindset when approached with copycat chatbots.
