An associate of mine messaged me, warning me of an email doing the rounds that claimed to be from OpenAI and related to ChatGPT Plus subscription renewals.

ChatGPT Plus Subscription Renewal Scam

So let's go down the email and look at the obvious red flags:

Sender email – if this was a legitimate email from OpenAI it would normally have an OpenAI sender address.

Look out for punctuation and capital letters – If OpenAI were going to send an email like this, the mentions of ChatGPT would be written as such; they wouldn’t be written like this: chatGPT. This may seem like a small thing, but brands are usually quite strict when it comes to their brand name or their product names, so this kind of mistake can often mean the email hasn’t come from them. Look in the footer of the email too: they wrote Openai, and it would never be formatted like this on legitimate emails from the company.

The button – (WARNING: do not click buttons to test – let me do that!) The button links to:

hxxps://www.bing.com/ck/a?!&&p=902c8aab5979ec1d5288669e24e0303164055e89ad40e958cb87f6472fecd73eJmltdHM9MTc1MjE5MjAwMA&ptn=3&ver=2&hsh=4&fclid=1aa6acb9-1517-6bad-1c52-b8d914516ab2&psq=site%3asanjaybapu.com+https%3a%2f%2fsanjaybapu.com%2f&u=a1aHR0cHM6Ly9zYW5qYXliYXB1LmNvbS9zaGlua2FyLw&ntb=1&mode=resetPassword&oobCode=9JQH7TMhiSNMSDxD0Gh1AJXGI2c-bIyLNvrSmnOlU-gAAAGYE1AqJg&apiKey=AIzaSyDwgfhGwcIlhC5qK3vhOHkVTbAjo1Ce3BM&lang=en

The link is complicated, but it essentially takes the user to sanjaybapu.com/shinkar/, which seems to just be a black screen.

I assume this would have originally been a clone of the OpenAI website and would load initially in some kind of user account section or a screen stating it was for a ChatGPT Plus Subscription Renewal, and they would have taken some info and payment details and then probably sold your card info and/or your identity on the dark web.

NB: To check a link without clicking on it, hover over the link or button, and in the bottom right-hand side of your browser window it should show you where the button or link points.
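For a link like the one above, hovering only shows the Bing address; the real destination sits encoded in the `u` parameter. The following added example (not part of the original post) decodes it offline without visiting anything, assuming the `u` value is `a1` followed by unpadded URL-safe base64, as it is in this email; the function names are hypothetical and the sample link is the one from the email, trimmed to the parameters that matter.

```python
import base64
from urllib.parse import urlsplit, parse_qs

# Button link from the email above, trimmed to the relevant parameters.
SAMPLE_LINK = (
    "hxxps://www.bing.com/ck/a?!&&ptn=3&ver=2"
    "&u=a1aHR0cHM6Ly9zYW5qYXliYXB1LmNvbS9zaGlua2FyLw&ntb=1"
)

def refang(url):
    """Turn a defanged scheme (hxxp/hxxps) back into http/https for parsing only."""
    return "http" + url[4:] if url.lower().startswith("hxxp") else url

def bing_redirect_target(url):
    """Return the destination hidden in a Bing ck/a link, or None if there is none.

    Assumption: 'u' is 'a1' + unpadded URL-safe base64. Nothing is fetched.
    """
    parts = urlsplit(refang(url))
    host = (parts.hostname or "").lower()
    is_bing = host == "bing.com" or host.endswith(".bing.com")
    if not is_bing or not parts.path.startswith("/ck/a"):
        return None
    values = parse_qs(parts.query).get("u", [])
    if not values or not values[0].startswith("a1"):
        return None
    encoded = values[0][2:]
    encoded += "=" * (-len(encoded) % 4)  # restore the stripped padding
    try:
        return base64.urlsafe_b64decode(encoded).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None

def lands_on_expected_domain(url, expected="openai.com"):
    """True only if the final host is the expected domain or one of its subdomains."""
    target = bing_redirect_target(url) or refang(url)
    host = (urlsplit(target).hostname or "").lower()
    return host == expected or host.endswith("." + expected)

if __name__ == "__main__":
    print(bing_redirect_target(SAMPLE_LINK))
    print(lands_on_expected_domain(SAMPLE_LINK))
```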

Thankfully the phishing website is now down, so no one can be scammed from these particular emails, but they have probably already made a new website and updated the button on future emails.

So, if you get an email from “OpenAI” about any kind of renewal, check the above things carefully (or forward to me if you are unsure). If you smell a rat, then double check by logging into your OpenAI account by visiting their website, and if it's legit the renewal should appear in there too.

Be ScamWise folks!
