Cybercriminals Weaponize ChatGPT With New Stealth Phishing Technique
By 813 Staff
Silicon Valley insiders report Cybercriminals Weaponize ChatGPT With New Stealth Phishing Technique, according to The Hacker News (@TheHackersNews) (in the last 24 hours).
Source: https://x.com/TheHackersNews/status/2060424993964786053
Sam Altman’s AI empire just became a vector for credential harvesting. A new attack chain dubbed “ChatGPhish,” first flagged by The Hacker News (@TheHackersNews) on May 29, demonstrates how threat actors are weaponizing OpenAI’s ChatGPT interface to bypass corporate email filters. Internal documents circulating in security circles describe the technique as a “socially engineered relay,” where attackers prompt the model to generate convincing phishing lures and then use its API to distribute them from a legitimate OpenAI IP address.
Engineers close to the project say the exploit does not require compromising OpenAI’s infrastructure. Instead, malicious actors register legitimate ChatGPT accounts, craft a prompt that instructs the model to impersonate a trusted vendor or internal IT support, and then paste a malicious link into the conversation. The model’s reply—which includes the rendered phishing text—is then forwarded via email, appearing to originate from OpenAI’s own domain. Because the email passes DMARC and SPF checks, traditional phishing filters treat it as benign. The attack has been observed in the wild since early May, targeting finance and HR departments with fake password-reset notifications.
The rollout of mitigations has been anything but smooth. While OpenAI publicly acknowledged the abuse vector on May 28, internal chats suggest the company initially characterized the issue as a “prompt abuse” edge case. Security researchers counter that the core vulnerability lies in allowing free-tier accounts to send automated messages without domain-level sender verification. At least two red-teaming firms have since published working proof-of-concept code on GitHub, forcing OpenAI’s trust and safety team to scramble for a server-side patch. No timeline for a permanent fix has been shared.
Why this matters for the 813 audience: Even if you train your team to spot phishing, ChatGPhish strips away the usual red flags. The email comes from a known sender domain, the language is syntactically flawless, and the reply chain looks exactly like a normal customer-support interaction. If your enterprise uses API keys for internal tools, third-party risk just got harder to quantify.
What happens next remains uncertain. OpenAI has signaled it may require verified payment methods for any account that generates outbound messages, but that change would take weeks to implement. Until then, security teams should treat any unsolicited email containing a ChatGPT interaction as suspect—especially if it asks for credentials or MFA codes.
Source: https://x.com/TheHackersNews/status/2060424993964786053
