“Kaspersky Warns of New OpenAI Scam: Attackers Send Spam from Official OpenAI Emails”
KHADAMATY–NEW
Kaspersky has uncovered a sophisticated scam tactic exploiting OpenAI’s platform features to send spam emails from legitimate OpenAI addresses, raising serious concerns over user trust and platform security
According to the cybersecurity firm, attackers are abusing OpenAI’s organization creation and team invitation functions to distribute fraudulent messages. The campaign begins with scammers registering a new OpenAI account and using the organization name field to embed misleading text, malicious links, or fake phone numbers
Once the “organization” is created, the attackers use the platform’s “invite your team” feature to send invitations to targeted email addresses. Because these invitations originate from official OpenAI email addresses, they appear authentic and bypass many conventional email filters
Kaspersky detected several types of scam messages delivered through this method. Some emails promote fraudulent offers, including adult services, while others use vishing tactics—false alerts claiming a subscription renewal for a large amount. Victims are then instructed to call a phone number to “cancel” the charge, which leads to further compromise.
A key sign of the scam is the inconsistent structure of the message. Attackers exploit the fact that the original invitation template was designed for legitimate project collaboration. The deceptive content, however, is embedded in the organization name field and appears in bold, making it harder for users to detect the fraud at first glance
“This case highlights a vulnerability in how platform features can be weaponized for social engineering email attacks,” said Anna Lazaricheva, senior spam analyst at Kaspersky. “By embedding deceptive elements in seemingly innocuous fields like organization names, scammers attempt to bypass traditional email filters and exploit user trust in reputable services. We urge all users to verify invitations carefully and avoid clicking embedded links without scrutiny
