This Scam is Exploiting OpenAI’s Teamwork Features

By turning OpenAI’s own collaboration tools into a delivery system for scams, attackers have found a way to slip past technical safeguards and exploit user confidence, underscoring how even reputable digital services can become vectors for deception when convenience outpaces scrutiny.

Cybersecurity researchers at Kaspersky say they have uncovered a scam campaign that exploits features of the OpenAI platform, allowing attackers to send spam messages from legitimate OpenAI email addresses and increasing the likelihood that recipients will trust them.

According to Kaspersky, the scheme begins when attackers create an account on OpenAI and register an organisation name. That field allows any combination of symbols, a flexibility scammers use to insert misleading text, fraudulent links, or phone numbers directly into the organisation name itself.

After the organisation is created, OpenAI offers users the option to invite team members by email. Attackers enter the email addresses of their intended victims, triggering invitation messages that are sent from OpenAI’s official email infrastructure. From a technical perspective, the emails appear legitimate, even though their content is malicious.

Kaspersky said it observed several types of scam messages delivered this way. Some promoted fraudulent offers, including adult services. Others relied on vishing, with messages falsely claiming that a subscription had been renewed for a large sum and urging recipients to call a phone number to cancel the charge. Those calls, researchers said, can lead to further compromise. Kaspersky warned that other forms of email threats may also be circulating through the OpenAI platform.

The malicious text that attackers want recipients to notice, often highlighted in bold, stands out from the rest of the email, which is clearly structured as a standard invitation to collaborate on a project. The attackers rely on the likelihood that many recipients will not scrutinize the formatting closely.
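The abuse described above depends on a free-text organisation name being copied verbatim into a platform-sent invitation. As an added illustration (not code from Kaspersky or OpenAI), here is a server-side check a platform could run on that field before mailing invites; the length limit, patterns, reason labels and sample names are all assumptions made for this sketch.

```python
import re
import unicodedata

MAX_LEN = 64  # assumed limit; real organisation names are short

# Constructed patterns: explicit URLs, bare hosts on a small sample TLD list,
# runs of 7+ digits with phone-style separators, and currency amounts.
URL_RE = re.compile(
    r"(?:https?://|www\.)\S+|\b[a-z0-9-]+\.(?:com|net|org|io|info|xyz|top)\b", re.I)
PHONE_RE = re.compile(r"(?:\+?\d[\s().-]*){7,}")
MONEY_RE = re.compile(r"[$€£]\s*\d")

def check_org_name(name):
    """Return the reasons a name should not be mailed verbatim (empty = ok)."""
    # NFKC folds fullwidth and other compatibility lookalikes to plain forms,
    # so styled text cannot sidestep the patterns below.
    text = unicodedata.normalize("NFKC", name)
    reasons = []
    if len(text) > MAX_LEN:
        reasons.append("too_long")
    # Cc = control characters (newlines), Cf = invisible format characters.
    if any(unicodedata.category(ch) in ("Cc", "Cf") for ch in text):
        reasons.append("control_or_format_char")
    if URL_RE.search(text):
        reasons.append("url")
    if PHONE_RE.search(text):
        reasons.append("phone_number")
    if MONEY_RE.search(text):
        reasons.append("currency_amount")
    return reasons

# Constructed sample inputs (example.test and 555-01xx numbers are reserved).
SAMPLES = [
    "Acme Research Lab",
    "Your subscription renewed for $499.00 - call +1 (800) 555-0100 to cancel",
    "Claim prize at www.example.test/win",
    "\uff48\uff54\uff54\uff50\uff53://example.test/x",  # fullwidth "https"
    "Acme\u200bLabs",                                    # zero-width space
]

def triage(names):
    """Map each candidate name to its list of rejection reasons."""
    return {n: check_org_name(n) for n in names}

if __name__ == "__main__":
    for name, reasons in triage(SAMPLES).items():
        print(f"{'HOLD' if reasons else 'SEND'} {reasons} {name!r}")
```

A name that returns any reason would be rejected at registration or held for review instead of being interpolated into the invitation email.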

“This case highlights a vulnerability in how platform features can be weaponised for social engineering email attacks. By embedding deceptive elements in seemingly innocuous fields like organisation names, scammers attempt to bypass traditional email filters and exploit user trust in reputable services,” Anna Lazaricheva, a senior spam analyst at Kaspersky, told Impact Newswire. “We urge all users to verify invitations carefully and avoid clicking embedded links without scrutiny. We also recommend brands to consider whether their online services or platforms could be abused by attackers.” 

Kaspersky advised users to treat unsolicited invitations from any platform with caution, even when they appear to come from trusted sources, and to inspect web addresses carefully before clicking. The company also warned against calling phone numbers listed in suspicious emails, recommending that users instead look up official contact information directly on a service’s website.

The firm encouraged both individuals and organizations to report suspicious messages to platform providers and to use multi-factor authentication on all accounts. For corporate customers, Kaspersky said its security products for mail servers can help protect against evolving email threats, while individual users can rely on consumer security tools designed to reduce the risk of phishing attacks.