- Scammers send emails from legitimate OpenAI addresses to trick users
- Misleading organization names hide malicious links designed to capture sensitive information
- Companies are targeted because multiple employees can receive malicious invitations simultaneously
Kaspersky has discovered a sophisticated scam that takes advantage of OpenAI’s team invitation system to attack unsuspecting users.
Scammers register accounts and insert misleading links or phone numbers directly into the organization name field.
They then use the “invite your team” feature to send emails from legitimate OpenAI addresses, making the messages appear completely authentic.
The content of the email is misleading.
Kaspersky warns that these emails can easily trick recipients into clicking on malicious links or calling fraudulent numbers, which could cause serious financial or data loss.
The content of these scam emails varies, but the objectives remain the same. Some messages claim that a subscription has been renewed for an unusually large sum, while others promote fraudulent offers, including adult services.
Kaspersky notes that attackers often combine email and voice tactics, using vishing to pressure recipients to act immediately.
The text of these emails frequently shows structural inconsistencies, but attackers rely on recipients to overlook these irregularities.
Companies face increased risk because attackers can target multiple employees at the same time.
Kaspersky recommends treating all unsolicited invitations with suspicion, even when they appear to come from trusted platforms.
Users should carefully inspect all URLs before clicking, avoid calling numbers included in suspicious messages, and report unusual activities to the service provider.
Users should enable multi-factor authentication on all accounts to reduce risk, but stronger protection also requires technical defenses.
Endpoint protection and a strong firewall configuration remain essential, and immediate malware removal is necessary if any interaction with a fraudulent link occurs.
The attack shows how criminals can turn even trusted collaboration functions into tools to commit fraud.
To effectively avoid these threats, organizations and individuals must remain vigilant.
“This case highlights a vulnerability in how platform features can be weaponized for email social engineering attacks. By embedding deceptive elements in seemingly innocuous fields such as organization names, fraudsters attempt to bypass traditional email filters and exploit user trust in reputable services,” said Anna Lazaricheva, senior spam analyst at Kaspersky.
“We urge all users to check invitations carefully and avoid clicking on embedded links without scrutiny. We also recommend that brands consider whether their online services or platforms could be abused by attackers.”
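The abuse described above depends on an organization-name field accepting links and phone numbers. The following is an added example, not code from Kaspersky, OpenAI or TechRadar: a heuristic check that a platform or a mail filter could run on such a field before an invitation is sent or delivered. The function names, patterns, length limit and sample values are assumptions constructed for illustration.

```python
import re
import unicodedata

# Heuristic patterns for contact details hidden in a free-text name field.
URL_RE = re.compile(r"(?:https?|hxxps?)://|www\.", re.I)
DOMAIN_RE = re.compile(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}\b", re.I)
PHONE_RE = re.compile(r"(?<!\d)\+?\d(?:[\s().-]*\d){6,14}(?!\d)")
URGENCY_RE = re.compile(
    r"\b(?:call|renew(?:ed|al)?|invoice|refund|charged?|support)\b", re.I)
DEFANG_RE = re.compile(r"\s*[\[({]\s*(?:\.|dot)\s*[\])}]\s*", re.I)
MAX_LEN = 64  # assumed limit; a real organization name is short


def normalize(name: str) -> str:
    """Fold lookalike characters and undo '[.]' / '[dot]' obfuscation."""
    text = unicodedata.normalize("NFKC", name)
    return DEFANG_RE.sub(".", text)


def org_name_findings(name: str) -> list[str]:
    """Return the reasons an organization name looks like a lure."""
    text = normalize(name)
    findings = []
    if URL_RE.search(text):
        findings.append("url")
    elif DOMAIN_RE.search(text):
        findings.append("domain")
    if PHONE_RE.search(text):
        findings.append("phone")
    if URGENCY_RE.search(text):
        findings.append("urgency")
    if len(text) > MAX_LEN:
        findings.append("length")
    return findings


if __name__ == "__main__":
    # Constructed samples using reserved example domains and numbers.
    samples = [
        "Acme Research Lab",
        "Subscription renewed $699 - call +1 (800) 555-0100",
        "Team hxxps://secure-billing[.]example/verify",
        "ｗｗｗ．example．test",
    ]
    for s in samples:
        print(f"{org_name_findings(s) or 'ok'}: {s}")
```

Legitimate names that contain a domain will also be flagged, so the findings are better used to hold an invitation for review than to reject it outright.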