A new campaign of a phishing site is active on the web waiting for users who are looking for the latest version of Chat GPT, the OpenAI chatbot that, as it continues to gain followers, is also used by cybercriminals to deceive with fake applications, sites, or extensions that only seek to steal sensitive information to commit scams.
GPT Chat, launched in November 2022, is a tool in which a robot based on an artificial intelligence model allows the user to chat, almost as if it were a human, and configure -by means of indications, or prompts- the responses it obtains so that they fit what they are looking for -in length, theme, discursive tone, etc-.
This year we had detected the use of fake ChatGPT sites, and malicious extensions for browsers, and even applications that distribute Trojans to steal bank information.
The way to deceive is always the same: pretend to be the real site and make users fall into the trap, taking advantage of the growing popularity of the chatbot.
In this case, we now detect that in a general Google search for “Chat GPT 4”, or “Chat GPT for Android”, for example, one of the first results that may appear, and give the impression of being original, leads to a false url: chatgptui.com which, up to the time this article was published, is still active.
Using the fake link, the unsuspecting user will find a fairly well built website that uses the correct logo, although it is very different from the original.
It also uses logos of companies that use the real service to give a nuance of truth to the fake page.
By clicking on “get started”, we observe that it asks for registration data that is never validated: it is not necessary for a confirmation and validation email to arrive, something necessary in most legitimate services.
Cybercriminals are not interested in your email in this case. The most important thing comes later, when you think you are subscribing to the paid version of GPT CHAT: your credit card details and the payment for the fake service.
CyberSec84 | Cybersecurity news. 
Leave a comment