Alleged FraudGPT-Enabled Phishing Attack Spoofs ChatGPT Subscription Service to Steal Credentials

February 23, 2025

A reported phishing campaign is using AI-generated emails to impersonate OpenAI's ChatGPT Premium subscription service. The goal appears to be stealing user credentials and financial data.

Cybercriminals are allegedly sending fraudulent renewal requests, directing victims to spoofed OpenAI login pages. This incident underscores the importance of safe and secure AI practices. For those interested in shaping trustworthy AI governance and preventing harm through Project Cerebellum, JOIN US.

This incident serves as a reminder that incidents like this one can be mapped to HISPI Project Cerebellum TAIM under the 'Govern' function.

Matched TAIM controls

Suggested mapping from embedding similarity (not a formal assessment). Browse all TAIM controls

MAP 1.6 — similarity 0.626, rank 1. TAIM detail and related incidents →
MEASURE 2.10 — similarity 0.626, rank 2. TAIM detail and related incidents →
GOVERN 2.2 — similarity 0.614, rank 3. TAIM detail and related incidents →

Alleged deployer: cybercriminals, phishing-scammers, fraudgpt-operators, dark-web-threat-actors, unknown-scammers
Alleged developer: fraudgpt, openai
Alleged harmed parties: openai-users, chatgpt-premium-subscribers

Source

Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/948

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

Pre-print on arXiv · Database snapshots & citation guide

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.