Fake ChatGPT Pages Widen Phishing Threat - Arabian Post
The campaign, tracked by security researchers as LLMShare, uses malicious search advertisements and search-engine manipulation to lure victims to pages that appear to be hosted on trusted AI domains. Once users click through, they are shown a fully designed web page carrying ChatGPT-style branding, including fake outage notices and prompts to download a supposed ChatGPT desktop application.
The tactic marks a shift in phishing and malware delivery. Rather than relying only on lookalike domains, attackers are embedding malicious narratives inside shared AI conversations or shared-content pages hosted on legitimate platforms. That gives the page a veneer of credibility at the exact moment users are being trained to trust chatbot-generated content, shared links and AI-assisted recommendations.
The fake pages do not appear to exploit a flaw in ChatGPT's core model. Instead, they abuse features designed for collaboration and sharing. Shared links allow users to generate public URLs for conversations so that others can view or continue them. Attackers have turned that convenience into a delivery mechanism, using the credibility of the hosting domain to reduce suspicion before redirecting victims to malware downloads.
Victims are first drawn in through sponsored Google ads or poisoned search results. The ads and ranked pages are crafted to match common searches linked to ChatGPT access, software downloads, outage notices and desktop tools. After landing on the shared-content page, users are presented with polished branding and a message suggesting that a download is required to restore service or continue using the platform.
The malware has been distributed as a fake ChatGPT desktop application. Security researchers have warned that the same technique has also been observed with Claude shared content, indicating that attackers are not targeting one company alone but a wider pattern in how AI platforms handle public sharing, user trust and external links.
The campaign reflects a wider trend in which cybercriminals combine malvertising, SEO poisoning and brand impersonation with AI-related themes. Search ads remain a powerful entry point because they appear above organic results and can be made to resemble legitimate company listings. SEO poisoning adds another layer by pushing malicious or attacker-controlled pages higher in search rankings for popular queries.
For businesses, the risk is not limited to individual users downloading malware at home. Employees searching for AI tools, productivity software or help with ChatGPT errors may do so from corporate devices. A single successful download can expose credentials, browser sessions, cloud documents, messaging accounts or internal systems, depending on the malware payload and device permissions.
The campaign also shows how the growth of AI tools has created new social engineering opportunities. Attackers are moving quickly to exploit user habits formed around chatbots, including clicking shared conversation links, trusting AI-branded pages and following instructions displayed in polished web interfaces. Pages that appear to be simple shared chats can become staging points for malicious downloads, credential theft or redirection to attacker-controlled infrastructure.
Security teams are being urged to treat shared AI links with the same caution applied to shortened URLs, file-sharing links and unsolicited software installers. Controls such as blocking unapproved software downloads, inspecting sponsored search traffic, warning users about lookalike ads and restricting execution of unsigned applications can reduce exposure. Browser isolation and endpoint detection tools can also help identify suspicious redirects and downloads before malware is installed.
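One way a security team could apply this advice to web-proxy logs, as an added example that is not part of the original article: flag installer downloads from unapproved hosts that follow a shared AI page view by the same user. The share-URL patterns, the approved host, the 10-minute window and the sample events are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Assumptions for this example: share-link URL patterns and the approved list.
SHARE_PAGES = {"chatgpt.com": "/share/", "claude.ai": "/share/"}
APPROVED_DOWNLOAD_HOSTS = {"apps.example-corp.test"}  # hypothetical internal portal
INSTALLER_EXTS = (".exe", ".msi", ".dmg", ".pkg", ".zip")
WINDOW = timedelta(minutes=10)  # assumed correlation window


def is_share_page(url):
    """True if the URL is a public shared-conversation page on a listed AI host."""
    parts = urlsplit(url)
    prefix = SHARE_PAGES.get((parts.hostname or "").lower())
    return prefix is not None and parts.path.startswith(prefix)


def is_unapproved_installer(url):
    """True if the URL fetches an installer-type file from a host not on the approved list."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    return parts.path.lower().endswith(INSTALLER_EXTS) and host not in APPROVED_DOWNLOAD_HOSTS


def flag_downloads(events):
    """Return installer downloads that follow a shared AI page view by the same user."""
    last_share = {}  # user -> (timestamp, share URL)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        ts = datetime.fromisoformat(ev["ts"])
        if is_share_page(ev["url"]):
            last_share[ev["user"]] = (ts, ev["url"])
        elif is_unapproved_installer(ev["url"]):
            seen = last_share.get(ev["user"])
            if seen and ts - seen[0] <= WINDOW:
                alerts.append({"user": ev["user"], "download": ev["url"], "share_page": seen[1]})
    return alerts


# Constructed sample proxy events (not real traffic or indicators).
SAMPLE_EVENTS = [
    {"ts": "2025-01-01T09:00:00", "user": "alice", "url": "https://chatgpt.com/share/EXAMPLE-ID"},
    {"ts": "2025-01-01T09:01:30", "user": "alice", "url": "https://downloads.invalid/ChatGPT-Setup.exe"},
    {"ts": "2025-01-01T09:05:00", "user": "bob", "url": "https://apps.example-corp.test/tools/editor.msi"},
    {"ts": "2025-01-01T11:00:00", "user": "carol", "url": "https://claude.ai/share/EXAMPLE-ID"},
    {"ts": "2025-01-01T12:30:00", "user": "carol", "url": "https://files.invalid/update.zip"},
]

if __name__ == "__main__":
    for alert in flag_downloads(SAMPLE_EVENTS):
        print(alert)
```

In the sample data only the first user's download is flagged: the second user's download comes from the approved host, and the third user's download falls outside the correlation window.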
Users should avoid downloading applications from shared chat pages, sponsored ads or search results that do not clearly lead to the official provider. ChatGPT's desktop and mobile applications should be obtained only from verified app stores or official product pages. The advertiser identity behind search ads should be checked carefully, especially when an ad claims to offer support, updates, outage fixes or downloads for a widely used service.
The abuse of shared content also places pressure on AI companies to strengthen defences around public-link features. Clearer warnings on shared pages, stronger detection of impersonation content, restrictions on risky download links and faster takedown processes could reduce the value of these pages to attackers. Enterprises using AI platforms may also need policies for when shared links are allowed, how employees should handle externally received AI conversations and which domains are trusted.
The incident arrives as phishing campaigns increasingly rely on familiar platforms rather than obscure websites. Attackers have used cloud storage, document-sharing services, collaboration tools and advertising networks to make malicious activity appear routine. AI platforms now face the same challenge: features built to make sharing easier can be repurposed by criminals seeking credibility, reach and speed.