A new variant of the infamous “Fake-ChatGPT” Chrome extension has been discovered by cybersecurity researchers, and this time it’s targeting Facebook ad accounts. Dubbed “FakeGPT,” the extension has been downloaded by thousands of users per day and has already caused significant harm to those who have fallen victim to the scam.
The FakeGPT extension is designed to look and behave like the popular chatbot building tool GPT-3, but it’s actually a malicious program that steals sensitive information from Facebook ad accounts. Once installed, the extension can access the user’s Facebook ad account and extract their payment information, ad performance data, and even their login credentials.
The extension’s developers have been able to bypass Facebook’s security measures by using sophisticated phishing techniques. They send users fake login pages that look almost identical to the official Facebook login page, and when users enter their login credentials, the extension captures them and sends them to the attackers.
According to the researchers who discovered the extension, FakeGPT has been downloaded over 20,000 times in just one week, and the number of daily installs is increasing rapidly. The majority of the users affected by the scam are small business owners who use Facebook ads to promote their products and services.
Facebook has been made aware of the issue and is working to remove the extension from the Chrome Web Store. In the meantime, users are advised to be cautious when installing extensions and to only download them from reputable sources.
This incident highlights the need for individuals and businesses to be vigilant when it comes to online security. It’s important to use strong, unique passwords for every account, enable two-factor authentication whenever possible, and to regularly monitor accounts for any suspicious activity.
The rise of malicious Chrome extensions like FakeGPT is a worrying trend, and it’s likely that we will see more attacks like this in the future. It’s up to individuals and businesses to take the necessary steps to protect themselves from these types of scams.