ChatGPT Scam Apps Exploit Users, Generating Huge Profits, Sophos Reports

TL;DR:

  • Sophos uncovers fraudulent ChatGPT-based apps masquerading as chatbots.
  • These apps overcharge users and coerce them into costly subscriptions.
  • They offer minimal functionality and bombard users with ads.
  • The apps manipulate rankings by using the ChatGPT name.
  • Sophos investigated five fleeceware apps, reporting exorbitant charges.
  • Fleeceware apps thrive on users’ lack of attention to costs and subscriptions.
  • They often go unnoticed by Google and Apple due to subtle rule compliance.
  • Fleeceware apps inflate ratings with fake reviews and rating requests.
  • Education is key to protecting users from falling victim to these scams.

Main AI News:

Sophos, the leading provider of cybersecurity services, has recently exposed a series of fraudulent applications that deceive users into paying exorbitant amounts of money under the guise of being genuine ChatGPT-based chatbots. In a comprehensive report titled “‘FleeceGPT’ Mobile Apps Target AI Enthusiasts to Generate Massive Revenue,” Sophos X-Ops uncovers the prevalence of these apps, which have infiltrated both the Google Play Store and the Apple App Store. These cunning applications offer minimal functionality in their free versions and relentlessly bombard unsuspecting users with ads, coercing them into subscribing to costly monthly plans that can amount to hundreds of dollars per year.

Scammers have always capitalized on emerging trends and technologies to enrich themselves, and ChatGPT is no exception,” explains Sean Gallagher, a principal threat researcher at Sophos. As interest in AI and chatbots reaches an unprecedented high, users flock to the Apple App Store and Google Play Store, eagerly downloading any application that resembles ChatGPT. Exploiting this demand, fraudsters have devised a new breed of scam applications, commonly referred to as “fleeceware” by Sophos. These insidious apps inundate users with advertisements until they succumb to the temptation of a subscription. These perpetrators rely on users disregarding the costs or simply forgetting about their ongoing commitment. By design, these apps often lose their appeal after the free trial ends, leading users to uninstall them unknowingly while still being charged on a monthly or weekly basis.

Sophos X-Ops has thoroughly examined five of these ChatGPT fleeceware apps, all of which claim to leverage ChatGPT’s algorithm. For instance, the app “Chat GBT” cunningly capitalizes on the ChatGPT name to bolster its ranking in the Google Play Store and App Store. While OpenAI generously provides users with the fundamental features of ChatGPT for free online, these fraudulent apps brazenly charge anywhere between $10 per month and $70 per year. The iOS version of “Chat GBT,” marketed as Ask AI Assistant, demands a staggering $6 per week or a hefty $312 per year after a mere three-day free trial. Astonishingly, this app raked in a remarkable $10,000 in March alone. Another fleeceware-like application called Genie entices users with a $7 weekly or $70 annual subscription, amassing a staggering $1 million in revenue within the past month.

Sophos initially uncovered the defining traits of fleeceware apps in 2019. These deceptive applications exploit users by charging for functionality that is already available for free elsewhere, while also resorting to manipulative tactics to coerce users into subscribing to recurring payment plans. Typically, these apps offer a free trial period, which, due to an onslaught of ads and limitations, renders them practically unusable until users subscribe.

Furthermore, these apps often suffer from subpar development and implementation, leading to substandard performance even after users upgrade to the paid version. To boost their reputation in app stores, they resort to inflating their ratings through fake reviews and persistently soliciting users to rate the app before it has even been utilized or before the free trial concludes.

Fleeceware apps are meticulously crafted to operate within the confines of Google and Apple’s service guidelines, ensuring they seldom violate security or privacy rules. Consequently, they rarely face rejection during the review process,” clarifies Gallagher. Although Google and Apple have introduced new guidelines to combat fleeceware since Sophos first reported on such apps in 2019, developers are persistently finding loopholes, such as severely limiting app functionality and access until users comply with payment demands. While some of the ChatGPT fleeceware apps featured in this report have already been removed, new ones continue to emerge, indicating an ongoing threat. The most effective defense against these deceptive practices lies in user education. Individuals must remain vigilant, acknowledging the existence of such apps and meticulously reading the terms and conditions before clicking “subscribe.” Users can also report unethical app developers to Apple and Google to prevent further exploitation.

Conclusion:

The discovery of fake ChatGPT apps that scam users and generate substantial profits has significant implications for the market. The rise of fleeceware demonstrates scammers’ adaptability to capitalize on emerging technologies and trends. It exposes the vulnerability of users who are eager to explore AI and chatbot applications, highlighting the need for increased awareness and caution. Furthermore, the ability of fleeceware apps to evade rejection by app stores through subtle compliance with rules presents a challenge for platforms like Google and Apple in ensuring user protection. Continued vigilance, user education, and strict enforcement measures are crucial to combatting such scams and safeguarding the market’s integrity.

Source