Source: www.securityweek.com – Author: Eduard Kovacs
Barracuda Networks has observed a large-scale OpenAI impersonation campaign targeting the credentials of ChatGPT users.
Threat actors have been sending out phishing emails that purport to come from artificial intelligence company OpenAI, informing recipients that their “latest subscription payment for ChatGPT was unsuccessful” and instructing them to click on a link to update payment information.
Barracuda has seen these emails targeting businesses worldwide. The company is aware of over 1,000 emails being sent from a single domain.
The phishing emails appear to come from OpenAI Payments, but they actually originate from a domain called topmarinelogistics.com. The emails passed DKIM and SPF checks.
Prebh Singh of Barracuda’s Product Management team told SecurityWeek that the OpenAI phishing emails pointed to the domain fnjrolpa.com.
This website is currently offline, but an analysis showed that it hosted a fake login page resembling that of OpenAI, indicating that the goal of the campaign is credential harvesting.
“This is the simplest way for attackers to get access to new accounts that they can compromise to launch new phishing campaigns,” Singh explained.
The domain hosting the ChatGPT phishing page was registered in December 2023.
“Interestingly, based on whois records, the website was registered with an address from Nepal but the sender domain shows registered in France (and is also inaccessible now). Sender IP belongs to Germany,” Singh noted.
Advertisement. Scroll to continue reading.
Related: Microsoft Warns of Russian Spear-Phishing Attacks Targeting Over 100 Organizations
Related: Be Aware of These Eight Underrated Phishing Techniques
Related: DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military
Related: Quishing Campaign Abuses Microsoft Sway to Host Phishing Pages
Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
Daily Briefing Newsletter
Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.
The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
Original Post URL: https://www.securityweek.com/businesses-worldwide-targeted-in-large-scale-chatgpt-phishing-campaign/
Category & Tags: Email Security,Phishing,ChatGPT,OpenAI,phishing – Email Security,Phishing,ChatGPT,OpenAI,phishing
Views: 0
