Fake ChatGPT apps have invaded the AppStore and Play Store

Emre Çitak
May 18, 2023
Updated • May 18, 2023
Apps
|
2

The rapidly growing popularity of OpenAI's advanced chatbot, ChatGPT, has inadvertently paved the way for a surge in deceptive "fleeceware" apps. These fraudulent applications have recently surfaced on Google Play and Apple's App Store, masquerading as providers of OpenAI's ChatGPT service through enticing free trial offers. Security experts from Sophos have raised concerns over the proliferation of these scam apps and the unsuspecting users who fall victim to their sneaky in-app subscriptions.

In the ever-evolving landscape of online scams, it comes as no surprise that scammers are capitalizing on major trends and emerging technologies. Large language models and generative AI, such as OpenAI's ChatGPT, have become the latest targets for cybercriminals. Exploiting the curiosity surrounding this cutting-edge technology, deceptive apps have emerged, claiming to provide access to ChatGPT's capabilities through seemingly alluring free trial offerings.

These apps have found their way into the popular app stores, Google Play and the App Store, attracting unsuspecting users who desire a taste of this groundbreaking AI-driven chatbot.

Fake ChatGPT apps
Fake ChatGPT apps have found their way into the popular app stores

Tactics exploited by scammers

Sophos, a leading security firm, has shed light on the deceptive tactics employed by these scam apps. By strategically placing ads on social media platforms, scammers aim to target users who may be less discerning or unfamiliar with the technology. Misspelling the app's name, such as "Chat GBT," helps filter out users who might be more knowledgeable and avoid falling into the trap.

The intention is to ensnare individuals who are less likely to unsubscribe after a disappointing free trial experience, ultimately falling victim to the app's deceptive subscription fees.

These fraudulent apps, commonly known as fleeceware, present a challenge for app store operators like Apple and Google. Unlike more explicit forms of malware, fleeceware apps do not exhibit overtly malicious behavior, making them harder to detect and remove. Scammers often submit their apps for review, conveniently omitting critical details about subscription pricing and payment timelines.

This allows them to modify the terms later without altering the app's core functionality. The reliance on user subscriptions provides scammers with a steady stream of revenue, of which Apple and Google also receive a percentage.

Fleeceware in action

One such example is the Android app "Open Chat GBT". Although initially free to download, users quickly encounter an onslaught of advertisements and are restricted to using the chatbot functionality only three times. Subsequently, they are prompted to subscribe. The default option is a three-day free trial, which automatically transitions into a $10 monthly subscription. An annual subscription option, priced at $30, is also offered. Similarly, the researchers identified a comparable app on the App Store for iOS.

While Sophos researchers have successfully flagged some of the fake AI chatbot apps to Apple and Google, resulting in their removal, others remain available on these platforms. The response from both companies remains undisclosed, leaving users vulnerable to potential scams.

It is suspected that these fraudulent apps employ OpenAI's ChatGPT 3 application programming interface (API) to generate content. However, some apps may rely on lower-quality chatbot functionalities. Rather than restricting the number of queries, certain apps truncate responses, offering only snippets of information until a subscription is activated.

Fake ChatGPT apps
Fleeceware apps usually target the most popular chatbot apps right now

Subscription management challenges

One of the significant issues with fleeceware is the difficulty users face in managing their subscriptions effectively. Many users are unaware that deleting an app does not automatically cancel recurring payments. It is crucial for users to actively monitor and manage their app subscriptions to avoid falling victim to these deceptive practices.

The rise of fake ChatGPT apps in the App Store and Google Play underscores the need for increased vigilance when downloading and using new technologies. As scammers continue to exploit the popularity of advanced chatbots, it is essential for users to exercise caution, stay informed about subscription details, and actively manage their app subscriptions to protect themselves from falling prey to fleeceware.

App store operators must also enhance their oversight mechanisms to detect and remove such deceptive apps promptly.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. bruh said on August 18, 2023 at 1:25 pm
    Reply

    Uhh, this has already been possible – I am not sure how but remember my brother telling me about it. I’m not a whatsapp user so not sure of the specifics, but something about sending the image as a file and somehow bypassing the default compression settings that are applied to inbound photos.

    He has also used this to share movies to whatsapp groups, and files 1Gb+.

    Like I said, I never used whatsapp, but I know 100% this isn’t a “brand new feature”, my brother literally showed me him doing it, like… 5 months ago?

  2. 💥 said on August 18, 2023 at 3:55 pm
    Reply

    Martin, what happened to those: 12 Comments (https://www.ghacks.net/chatgpt-gets-schooled-by-princeton-university/#comments). Is there a specific justifiable reason why they were deleted?

    Hmm, it looks like the gHacks website database is faulty, and not populating threads with their relevant cosponsoring posts.

  3. 45 RPM said on August 19, 2023 at 6:29 pm
    Reply

    The page on ghacks this is on represents the best of why it has become so worthless, fill of click-bait junk that it’s about to be deleted from my ‘daily reads’.

    It’s really like “Press Release as re-written by some d*ck for clicks…poorly.” And the subjects are laughable. Can’t wait for “How to search for files on Windows”.

    1. owl said on August 20, 2023 at 12:51 am
      Reply

      > The page on ghacks this is on represents the best of why it has become so worthless, fill of click-bait junk…

      Sadly, I have to agree.

      Only Martin and Ashwin are worth subscribing to.
      Especially Emre Çitak and Shaun are the worst ones.

      If ghacks.net intended “Clickbait”, it would mark the end of Ghacks Technology News.
      Ghacks doesn’t need crappy clickbaits. Clearly separate articles from newer authors (perhaps AIs and external sales person or external advertising man) as just “Advertisements”!

      We, the subscribers of Ghacks, urge Martin to make a decision.

  4. chessandonions said on August 20, 2023 at 12:40 am
    Reply

    because nevermore wants to “monetize” on every aspect of human life…

  5. Frank Rizzo said on August 20, 2023 at 11:52 pm
    Reply

    “Threads” is like the Walmart of Social Media.

  6. Ashray said on August 21, 2023 at 4:06 pm
    Reply

    How hard can it be to clone a twitter version of that as well? They’re slow.

  7. Paul(us) said on August 21, 2023 at 5:16 pm
    Reply

    Yes, why not mention how large the HD files can be?
    Why, not mention what version of WhatsApp is needed?
    These omissions make the article feel so bare. If not complete.

    1. Paul(us) said on August 21, 2023 at 5:18 pm
      Reply

      Sorry posted on the wrong page.

  8. Marc said on August 21, 2023 at 6:00 pm
    Reply

    such a long article for such a simple matter. Worthless article ! waste of time

  9. plusminus_ said on August 21, 2023 at 7:54 pm
    Reply

    I already do this by attaching them via the ‘Document’ option.

  10. John G. said on August 21, 2023 at 11:43 pm
    Reply

    I don’t know what’s going on here at Ghacks but it’s obvious that something is broken, comments are being mixed whatever the article, I am unable to find some of my later posts neither. :S

  11. Tom Hawack said on August 23, 2023 at 2:28 pm
    Reply

    Quoting the article,
    “As users gain popularity, the value of their tokens may increase, allowing investors to reap rewards.”

    Besides, beyond the thrill and privacy risks or not, the point is to know how you gain popularity, be it on social sites as everywhere in life. Is it by being authentic, by remaining faithful to ourselves or is it to have this particular skill which is to understand what a majority likes, just like politicians, those who’d deny to the maximum extent compatible with their ideological partnership, in order to grab as many of the voters they can?

    I see the very concept of this Friend.tech as unhealthy, propagating what is already an increasing flaw : the quest for fame. I won’t be the only one to count himself out, definitely.

    1. Tom Hawack said on August 23, 2023 at 2:34 pm
      Reply

      @John G. is right : my comment was posted on [https://www.ghacks.net/2023/08/23/what-is-friend-tech/] and it appears there but as well here at [https://www.ghacks.net/2023/07/08/how-to-follow-everyone-on-threads/]

      This has been lasting for several days. Fix it or at least provide some explanations if you don’t mind.

  12. Tom said on August 24, 2023 at 11:53 am
    Reply

    > Google Chrome is following in Safari’s footsteps by introducing a new feature that allows users to move the Chrome address bar to the bottom of the screen, enhancing user accessibility and interaction.

    Firefox did this long before Safari.

  13. Mavoy said on September 16, 2023 at 2:17 pm
    Reply

    Basically they’ll do anything except fair royalties.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.