The launch of OpenAI’s GPT-4 has created a buzz among artificial intelligence and cryptocurrency enthusiasts. Unfortunately, scammers have also taken notice of this and have launched phishing campaigns to steal cryptocurrency from unsuspecting victims. In this article, we will discuss the tactics scammers are using to carry out their scams and provide you with tips to avoid becoming a victim.
Phishing Email Campaigns: How Scammers are Luring Victims
Scammers are sending phishing emails to cryptocurrency enthusiasts, claiming to offer a “limited-time OpenAI DEFI token airdrop.” The email includes an image of a legitimate-looking OpenAI email, but with spelling and grammatical errors. The email claims that GPT-4 is only available to those with the OpenAI token, which aligns with OpenAI’s decision to limit access to GPT-4. However, the email includes the wrong date, which should raise a red flag.
It is unclear how scammers are targeting users, but it is possible that they are using breached data from other crypto services to create a target list.
Compromised Twitter Accounts Impersonating OpenAI
Scammers are also using compromised Twitter accounts to promote their GPT-4 scam. They are tweeting about a “$GPT coin” and claiming that it may be distributed to GPT-4 crypto users. The tweets mimic the real OpenAI account, making it difficult for users to distinguish between real and fake accounts.
Phishing Websites: How Scammers are Stealing Crypto
If a user clicks on the link in the phishing email, they will be directed to a website that looks very similar to the real OpenAI website. However, the phishing website promotes the “limited-time OpenAI DEFI token airdrop,” creating a sense of urgency and FOMO. The website also uses a hyphen in the domain name to make it appear like the main domain is “openai.com.”
To claim the alleged OpenAI tokens, users are asked to connect their wallet to the phishing website. This process is familiar to most cryptocurrency users, which may make them less cautious. Once connected, the phishing website can steal all the cryptocurrency tokens in the wallet.
Protect Yourself: Tips to Avoid GPT-4 Scams
To avoid becoming a victim of GPT-4 scams, here are some tips:
- Be cautious of emails or social media messages that offer free tokens or exclusive access to new products.
- Always double-check the source of the email or social media message before clicking on any links or buttons.
- Check the URL of any website before entering your login credentials or connecting your wallet. If it looks suspicious or different from the legitimate website, do not proceed.
- Use two-factor authentication for all cryptocurrency transactions.
- Use a hardware wallet to store your cryptocurrency, rather than a software wallet.
- Keep your computer and anti-virus software up-to-date.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he is a certified: CISSP, CISA, CISM, ITIL, COBIT and PRINCE2, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills on penetration testing, cloud technologies, virtualization, network security, IoT and many more.