- Scammers send emails from legitimate OpenAI addresses to trick users
- Deceptive organization names hide malicious links designed to capture sensitive information
- Businesses are targeted because multiple employees can receive malicious invitations simultaneously
Kaspersky has uncovered a sophisticated scam that exploits OpenAI’s team invitation system to attack unsuspecting users.
Fraudsters register accounts and embed deceptive links or phone numbers directly into the organization’s name field.
They then use the “invite your team” feature to send emails from legitimate OpenAI addresses, making the messages appear fully authentic.
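The organization-name abuse described above can be screened for on either side: by a platform validating the field on input, or by a mail gateway once it has extracted the name from an invitation. The following is an added example, not code from Kaspersky or OpenAI; the function name, patterns, word list and length limit are assumptions chosen for illustration.

```python
import re
import unicodedata

# Heuristic patterns (assumptions of this example, tune for your own data).
# Anything domain-like is flagged because mail clients auto-link such text.
URL_RE = re.compile(r"(?i)\b(?:h(?:tt|xx)ps?://|www\.)\S+")
DOMAIN_RE = re.compile(r"(?i)\b[a-z0-9-]{2,}(?:\.|\[\.\]|\(dot\))[a-z]{2,}\b")
PHONE_RE = re.compile(r"\+?\d[\d\s().-]{6,}\d")
LURE_RE = re.compile(r"(?i)\b(call|renew(?:ed|al)?|subscription|invoice|refund|charged?)\b")


def inspect_org_name(name, max_len=64):
    """Return the reasons an organization name looks like an embedded lure."""
    # NFKC folds fullwidth and other compatibility characters to ASCII forms,
    # so look-alike digits and dots cannot slip past the patterns.
    text = unicodedata.normalize("NFKC", name)
    reasons = []
    if URL_RE.search(text) or DOMAIN_RE.search(text):
        reasons.append("link")
    for match in PHONE_RE.finditer(text):
        # 7 to 15 digits covers local through E.164 numbers and skips prices.
        if 7 <= sum(ch.isdigit() for ch in match.group()) <= 15:
            reasons.append("phone")
            break
    if LURE_RE.search(text):
        reasons.append("lure-wording")
    if len(text) > max_len:
        reasons.append("too-long")
    return reasons


if __name__ == "__main__":
    # Constructed sample names, not taken from real messages.
    samples = [
        "Acme Research Lab",
        "Subscription renewed $499.99 call +1 (800) 555-0100",
        "Verify at hxxps://example[.]test/login",
    ]
    for sample in samples:
        print(f"{sample!r}: {inspect_org_name(sample) or 'ok'}")
```

A non-empty result is a signal to reject the name at registration or to quarantine the invitation for review, not proof of fraud.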
Email content is misleading
Kaspersky warns that these emails can easily trick recipients into clicking on malicious links or calling fake numbers, potentially causing serious data or financial losses.
The content of these scam emails varies, but the goals remain consistent. Some messages claim that a subscription has been renewed for an unusually large amount, while others promote fraudulent offers, including adult services.
Kaspersky notes that attackers often combine email and voice tactics, using vishing to pressure recipients into immediate action.
The text of these emails often shows structural inconsistencies, yet attackers rely on recipients to overlook these irregularities.
Businesses face higher risk because attackers can target multiple employees at the same time.
Kaspersky recommends treating all unsolicited invitations with suspicion, even when they appear to come from trusted platforms.
Users should carefully inspect all URLs before clicking, avoid calling numbers included in suspicious messages, and report unusual activity to the service provider.
Users should enable multi-factor authentication across all accounts to reduce risk, but stronger protection also requires technical defenses.
Endpoint protection and strong firewall setups remain essential, and immediate malware removal is necessary if interaction with a fraudulent link occurs.
The attack shows how criminals can turn even trusted collaboration features into tools for fraud.
To effectively avoid these threats, organizations and individuals must remain vigilant.
“This case highlights a vulnerability in how platform features can be weaponized for social engineering email attacks. By embedding deceptive elements in seemingly innocuous fields like organization names, fraudsters are trying to bypass traditional email filters and exploit users’ trust in reputable services,” said Anna Lazaricheva, senior spam analyst at Kaspersky.
“We encourage all users to verify invitations carefully and avoid clicking on embedded links without investigation. We also recommend that brands consider whether attackers could abuse their online services or platforms.”



