Scammers Exploit OpenAI Organization Invitations For Phishing

Kaspersky has detected a scam tactic in which attackers abuse OpenAI’s organization-creation and team-invitation features to send spam and phishing emails that appear to originate from legitimate OpenAI addresses. Attackers embed deceptive text, links, or phone numbers into the organization-name field during registration and invite victim emails, a method that can bypass filters and trick recipients into clicking malicious links or calling fraudulent numbers.