Share this article on:
OpenAI’s latest generative pre-trained transformer (GPT) bot has only been live since 14 March, but scammers and phishers are already taking advantage of the technology — but not quite in the way you might expect.
Security researchers at Tenable found phishing emails promising access to the technology just a day after its launch.
The emails make a simple promise, offering recipients the chance to purchase an OpenAI crypto token, which will give them access to GPT-4.
Except that no such token exists. The scammers are taking advantage of OpenAI’s closed access to its API — at the moment, only developers and subscribers can access the tool.
The email, ironically, was not written by ChatGPT, as it contains a number of spelling errors and poor grammar.
“Chat GPT-4 is now only available for people with the OpenAI token,” the email read, omitting the period at the end of the sentence.
“Don’t miss out on the limited-time OpenAI DEFI token airdrop, to get access to gpt4 chat.”
The email looks like a legitimate missive from OpenAI, complete with the company’s logo and brand colouring.
“Our partnership resulted in the creation of a cryptocurrency which will serve as a gateway to our ecosystem such as access to GPT-4 chat, it will also offer access our next concepts based on DEFI,” the letter promised.
The email has a link to get started with the purchase and even a link to a help centre. The aim of the campaign is to get users to link to their crypto wallets. Once linked, the scammers drain the entire wallet.
“Having researched cryptocurrency scams over the last four years, I’ve learned that scammers are opportunistic, impersonating noteworthy individuals or brands to promote fake tokens like Tesla tokens and SpaceX tokens as well as a plethora of fake giveaways,” said Satnam Narang, senior staff research engineer at Tenable, in a release.
“The impersonation of OpenAI and the promotion of a fake OpenAI token continues this trend.”
As always, if something looks too good to be true — especially in the world of crypto — it almost certainly is a scam.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.