If you use ChatGPT frequently for various purposes, then you should be wary of the new scam going on around you. A new Check Point Research warns about fake ChatGPT related websites deceiving users. Cybercriminals and hackers are imitating the AI platform and manipulating its users to download dangerous files or share personal information.
After testing the 13,296 new websites created between January to April 2023, in connection with ChatGPT or OpenAI, the report by Check Point Software Technologies found that 1 out of 25 such domains are harmful or can potentially corrupt your system. “We have identified numerous campaigns that mimic the ChatGPT website with the intention of luring users into downloading malicious files or disclosing sensitive information. The frequency of these attack attempts has been steadily increasing over the past few months,” as officially stated by the report.
Robert Falzon, Check Point’s Canadian operation’s head of engineering, is of the opinion that hackers and cyber-terrorists are cashing on the growing popularity of AI tools like ChatGPT. The usefulness of such technologies reduce the suspicion from general public and make them vulnerable to online attacks.
Domain spoofing or typo-squatting are some of the techniques used to create websites with URLs identical to the original platforms or generate graphical content like logos and branding to increase the legitimacy of the websites.
They are mainly used to spread virus or malware in the user’s system, or trick them into revealing their sensitive information like login credentials or card numbers that can be used by the hacker with malicious intentions.
Examples of some hoax websites that spread malware once clicked are:
Thus, it is evident that hackers use fake and malicious domains imitating ChatGPT. So, how can you save yourself from such scam? The report shares some guidelines to follow:
- Check the URL: Remain careful and always check the URL of the site that appears on your monitor, especially if you are being asked to download any file or put in personal information.
- Look for HTTPS: Real and valid websites will usually have a padlock symbol and https at the start of their URLs, indicating a secure connection. If the does not have a valid SSL certificate, it may be a hoax website and will be missing these elements.
- Be cautious of pop-ups: If a website has excessive pop-ups or prompts for downloading files or plugins, it is highly probable that it is a malicious website.
- Check for branding mistakes: Look out for the logos and other graphical elements on the website and match them with those on the real website. There may be graphical, spelling mistakes or other observable errors that are hardly made by a professional and real company.
We should thus take it seriously when Check Point Research warns about fake ChatGPT related websites deceiving users. But, by using your knowledge and common sense, you can easily protect yourself and your device from malware and hackers. You can also be cautious by being up to date about new updates from ChatGPT.
Source: Check Point Research