ChatGPT-related domain squatting grows by 910% monthly

May 4, 2023 - TuxCare PR Team

According to Palo Alto Networks Unit 42, there has been a monthly surge of 910% in newly registered and squatted domains associated to ChatGPT between November 2022 and early April 2023. Furthermore, DNS Security records show a massive spike of 17,818% in connected squatted domains during the same time period.

The researchers also discovered a concerning pattern of phishing URLs posing as genuine OpenAI webpages. Scammers’ common technique is to create a phony website that looks just like the legitimate ChatGPT website, fooling visitors into downloading malware or giving important information. Scammers may use ChatGPT-related social engineering to perform identity theft or financial fraud, according to the researchers.

Scammers have taken advantage of OpenAI’s rising popularity to perpetrate cryptocurrency frauds, such as tricking victims into participating in bogus bitcoin giveaway events. Some fake websites even utilize the official ChatGPT API, which OpenAI released in March, as a proxy for their services.

According to the study team, because ChatGPT is unavailable in some countries or regions, websites built using these automated tools or the API may draw a considerable number of customers from these places. This also allows threat actors to benefit from ChatGPT by serving as a proxy for their service.

The study team also stated that these tools, together with the overall increase in registered and squatted ChatGPT domains, reflect a developing trend. The Unit 42 notice was issued just a few weeks after a ChatGPT vulnerability allegedly exposed some customers’ financial details.

ChatGPT users should be cautious of malicious emails or links associated to ChatGPT to prevent getting defrauded. The use of clone chatbots will further increase security vulnerabilities. Users should always use the official OpenAI website to access ChatGPT.

The sources for this piece include an article in Infosecurity.

Summary