Security · 2h ago
Fake OpenAI invites target cybersecurity firms in data theft scheme
Threat actors are creating fraudulent OpenAI tenants impersonating legitimate companies to trick employees into joining. Once accepted, victims may submit sensitive company data in chats and projects. The campaign specifically targets cybersecurity firms, aiming to steal proprietary information.
Meridian48 take
The attack exploits trust in a widely used AI platform, highlighting how even security professionals can be vulnerable to sophisticated social engineering.
Read the full reporting
Cybersecurity firms targeted by fraudulent OpenAI organization invites →
Bleeping Computer
openai-phishingcybersecurity-threats