Attackers Abuse Shared Content for ChatGPT Phishing Campaign

Push Security warns of active phishing campaigns that host spoofed ChatGPT pages (including chatgpt.com shared URLs) to trick users into downloading a malicious desktop installer—likely an infostealer—delivered via SEO-poisoned ads and malvertising; attackers use conditional rendering to hide malicious pages from scanners and reuse the playbook across ChatGPT and Claude to maximize conversions.