Phishing, AI/ML

Widespread ChatGPT credential compromise sought by OpenAI spoofing campaign

Share
ChatGPT chatbot by OpenAI - artificial intelligence

Organizations around the world have been subjected to a new massive OpenAI impersonation campaign that aimed to exfiltrate ChatGPT credentials, SecurityWeek reports.

Using the 'topmarinelogistics.com' domain, threat actors spoofing OpenAI Payments sent more than 1,000 phishing emails warning of unsuccessful ChatGPT subscription payments that lured targets into clicking a link for updating payment details, which redirected to a fraudulent OpenAI login page on the 'fnjrolpa.com' domain, which has since been taken offline, according to a report from Barracuda Networks. Further analysis showed the credential harvesting website to have been registered last December. "Interestingly, based on whois records, the website was registered with an address from Nepal but the sender domain shows registered in France (and is also inaccessible now). Sender IP belongs to Germany," said Barracuda Product Management Manager Prebh Singh, who noted the attackers' approach to be the "simplest" means of compromising accounts that may be used in future phishing operations.

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.