OpenAI’s advanced AI language model, known as ChatGPT, is becoming increasingly popular due to its advanced language processing techniques, which enable it to create responses that mimic human language. The system engages in natural-sounding conversations with users and provides comprehensive explanations on a broad range of subjects. ChatGPT has been trained on a massive text dataset which allows the language model to analyze and respond to texts in several contexts as well as languages. However, this growing popularity has made it a growing attraction for cybercriminals with several ChatGPT related scams doing the rounds.
It was earlier reported that fake ChatGPT apps were becoming increasingly popular. Now, a new scam is being used by hackers to steal people’s sensitive data, according to a report by online privacy firm Guardio.
How the scam takes place
The scam involves a fake browser extension called “Quick access to Chat GPT” which the victims unknowingly download to gain fast access to chatGPT. Although access is given to the chatbot, the browser extension steals all the cookies stored on your device, including security and session tokens for YouTube, Facebook, Google and more.
Now the hackers are free to steal your passwords, gain access and take over your accounts. Facebook accounts are especially being targeted by hackers.
Facebook accounts targeted
The browser extension quietly installs a forced backdoor into your Facebook account. This fake ChatGPT browser extension is notorious for taking over high-profile Facebook accounts. The Guardio report states, “By hijacking high-profile Facebook business accounts, the threat actor creates an elite army of Facebook bots and a malicious paid media apparatus. This allows it to push Facebook paid ads at the expense of its victims in a self-propagating worm-like manner.”
Thankfully, since the Guardio report was published, the “Quick access to Chat GPT” browser extension was removed from the Chrome Web Store. However, if you’ve still got it installed on your device, you should remove it immediately to prevent hackers from gaining access to your accounts.