Last updated on April 19th, 2024 at 02:38 am
Since its release in November 2022, OpenAI’s chatbot ChatGPT has become all the rage. Unfortunately, as a new report by Palo Alto Networks’ Unit 42 shows, it has also become a hot target for scammers.
As part of their investigation, Unit 42 researchers found registrations of ChatGPT and OpenAI domain names have skyrocketed. While many are not currently malicious, the researchers caution these domains “could be abused to cause damage at any time” because OpenAI does not own them.
And the risks are not just theoretical. During their investigation, the researchers came across fake ChatGPT websites featuring a “Download for Windows” button. Unsuspecting visitors who clicked that button would install malware, however, not ChatGPT.
Other malicious sites tricked visitors into thinking they needed to pay to access ChatGPT to make them hand over their credit card information. Those who paid up probably found themselves charged for much more than they bargained for.
Other sites even used OpenAI’s name to lend legitimacy to fraudulent crypto giveaways. These sites instruct visitors to transfer crypto to the scammer’s wallet, promising to send back double in return. However, the scammers have no intention of sending crypto back and simply pocket what is sent to them.
Unit 42 researchers also warn about copycat chatbots. These bots may be based on less powerful versions of the large language model that powers ChatGPT. Plus, they could steal whatever information visitors enter into them and give them deliberately misleading answers in response.
So what can you do to protect yourself? Being aware of the existence of these scams is a good first step. The researchers at Unit 42 additionally suggest being cautious when dealing with emails about or links to supposed ChatGPT or OpenAI products. They also recommend you only access ChatGPT through OpenAI’s official site.
