Tips to identify and avoid fake ChatGPT extensions on Google Chrome

• As ChatGPT gains popularity, it becomes an attractive target for cybercriminals.
• The fraudulent ChatGPT Chrome extension steals Facebook accounts and has been downloaded over 9,000 times.
• The only legitimate way to access ChatGPT is through ChatGPT Plus or Microsoft's Bing with ChatGPT, and there is currently no official browser extension available.

As the innovative chatbot ChatGPT continues to gain popularity, more individuals are getting onboard to try it. Getting 100 million users in two months is not a small feat; it’s something that even Instagram and TikTok couldn’t do. But on the flip side, scammers and hackers don’t leave the chance to exploit the trend.

The fraudulent ChatGPT extension for Chrome, which has been tampered with to steal Facebook accounts, has gained significant popularity on the Chrome Web Store, with over 9,000 downloads. The extension replicates the genuine ChatGPT add-on for Chrome called ‘ChatGPT for Google,’ which adds ChatGPT functionality to search results. However, the malicious version includes additional code to obtain Facebook session cookies.

The extension's author published it on the Chrome Web Store on February 14, 2023, but only started promoting it via Google Search ads on March 14, 2023. Since then, it has been installed on an average of one thousand devices daily.

Fake ChatGPT extension

Guardio has identified a new security issue affecting thousands of users daily: a fraudulent ChatGPT extension. The scam involves a malicious extension called ‘ChatGPT for Google,’ promoted on Facebook-sponsored posts as a convenient way to use ChatGPT directly from the browser.

While the extension provides access to ChatGPT's API, it also collects user data from their browser and steals authorized session cookies from any services the user uses. Additionally, it uses personalized tactics to gain control of the user's Facebook accounts.

Here’s how you can spot fake ChatGPT extension

Check the publisher
Always verify the extension's publisher before downloading it. Look for the publisher's name and information on the Chrome Web Store and ensure that it is a reputable organization.

Verify the permissions
Before installing an extension, check what permissions it is asking for. If an extension is asking for more permissions than necessary, it could be a sign that it is a fake extension.

Beware of pop-ups
Be cautious of pop-ups or ads encouraging you to download a ChatGPT extension.

Use anti-malware software
Install anti-malware software to protect yourself from fake extensions and other malware. The software can scan your system and detect any malicious extensions that may have been installed.

How to safely and securely access ChatGPT

Cybercriminals quickly capitalize on new trends and create phishing campaigns and other cyberattacks that prey on unsuspecting individuals. In the case of ChatGPT, hackers can take advantage of the hype surrounding it to lure people into clicking on malicious links or downloading fake extensions.

It's important to note that if you want to access ChatGPT, the only legitimate way to do so is by signing up for ChatGPT Plus for a fee or by meeting all the requirements for early access to Microsoft's Bing with ChatGPT.

Currently, there is no official browser extension for ChatGPT, and the chatbot can only be accessed online at ‘chat.openai.com.’ If an official extension is released in the future, it will be announced through reputable sources, and users should exercise caution before downloading any third-party extensions.

SEE ALSO:
Bing's AI Chatbot is now accessible on Mac: Here’s how you can use it
ChatGPT prompts to boost your productivity and creativity in 2023