From the coronavirus pandemic to the cryptocurrency craze, any major trend or world event is quickly used as fodder for phishing attacks and other online scams. In recent months, it has become clear that the same is happening with large language models and generative artificial intelligence. Now researchers from the security firm Sophos are warning about the latest incarnation, on display on Google Play and Apple’s App Store, where scam apps offer access to OpenAI’s ChatGPT chatbot service through free trials that eventually lead to subscription fees.
OpenAI has paid versions of GPT and ChatGPT for regular users and developers, but anyone can test the AI chatbot for free on the company’s website. The scams take advantage of people who have heard about this new technology, and perhaps of the eagerness of people clamoring to use it, but who lack the context to try it themselves. The researchers first learned about the scams after seeing ads for them in news programs and on social networks, but users can also encounter them simply by searching Google Play and the App Store.
“I’ve seen a lot of ads for these types of apps on social media platforms where it’s cheap to advertise and sometimes they use tactics like typos in the name — they call the app ‘Chat GBT’ or whatever — to screen out people who might be a little more savvy,” says Sean Gallagher, senior threat researcher at Sophos. “They try to screen people for the free trial and then cancel it because it’s stupid. They want people who don’t have enough attention to know how to unsubscribe.”
Such scams are known as fleeceware. These apps, which lure victims into regular weekly or monthly payments, are difficult to police because they typically do not exhibit the technically invasive or malicious behavior that would get more overt malware flagged. The researchers note that when fraudsters submit their apps to Apple and Google for review, they may not include full details about subscription prices or when users will have to pay to keep using the functionality. They can then revise those terms without changing anything about how the app itself is structured.
Google and Apple provide mechanisms for developers to offer in-app purchases, both as one-time fees and as recurring payments. And both companies take a cut every time an app in their stores collects a payment from a user.
In the case of the Android app Open Chat GBT, users could download the app for free, but quickly encountered a large number of ads and were only able to try the chatbot three times before losing access to its functionality and receiving an offer to subscribe. By default, users could sign up for a three-day free trial to continue using the app, which would then become a $10 monthly subscription. Open Chat GBT also offered a $30 annual subscription. The researchers found a very similar app in the iOS App Store from the same developer under a different name.
The Sophos researchers note that Apple and Google had already taken down some of the fake AI chatbot apps they examined before the disclosure. Others were removed after the researchers reported them to Google and Apple. Both companies acknowledged receiving the reports, and Google removed one more app. Google and Apple did not immediately respond to requests for comment on the findings.
The researchers say they suspect some of the apps use OpenAI’s ChatGPT 3 API to generate content for users, while others rely on lower-quality chatbot functionality. And instead of limiting the user to a small number of requests, some apps truncate responses and only show users a portion until they start a subscription.
One of the biggest problems with fleeceware, Gallagher says, is that users don’t always know how to manage their subscriptions and don’t realize that even if they uninstall an app, the recurring payment to the service continues.
“We define fleeceware as something that charges an extraordinary amount of money for a feature that is available freely or at very low cost elsewhere,” he says. “And it’s effective because I even sometimes wonder why I’m paying Apple so much every month. And that’s OK, I have shared family storage, AppleCare for my phone, Duolingo. You have to be very careful—you have to actively manage app subscriptions.”