Fake Websites Impersonating Link to ChatGPT Pose High Risk: Check Point Research
Check Point Research (CPR) has recently discovered multiple ways that cybercriminals can deceive ChatGPT users by creating fake sites, thereby tricking them into downloading harmful files or sharing sensitive information. According to a new CPR report, since the start of this year, one out of every 25 domains related to ChatGPT or OpenAI, its developer, was either malicious or potentially malicious.
The report states that cybercriminals are using various ChatGPT-related domains to lure users into disclosing sensitive information or downloading malicious malware. With upwards of 13,296 new ChatGPT-related domains registered between January and April, the frequency of these malicious attacks has been steadily increasing over the past few months.
Robert Falzon, Head of Engineering for Check Point’s Canadian operations stated, “Fraudulent websites can be used for a variety of malicious purposes including stealing personal information, spreading malware, or conducting phishing attacks. Hackers and malware producers are taking advantage of the increasing public interest in AI technology and are counting on the ‘buzz’ generated by these technologies and the rapid rise in demand for AI services to decrease public suspicion.”
Falzon further added, “Impersonation sites can make their website URLs look similar to legitimate ones by using techniques such as domain spoofing or typo-squatting. They may also use logos, branding, and other visual elements to make the site appear authentic to fool the viewer."
Users are usually prompted to enter confidential information such as login credentials, credit card numbers, or personally identifying information, and the attackers may collect this sensitive information for identity theft or other nefarious purposes.
There are certain ways through which users can determine if they are about to use a legitimate site or an impersonated site. Falzon suggests, “It is critical to combine common sense and individual caution with software to combat sophisticated schemes. It’s also critical to keep your software and operating system up to date to minimize the risk of malware infections in general."
Beware of these fake sites because "once a victim clicks on malicious links, they are redirected to these websites and potentially exposed to further attacks."
