Fraudulent OpenAI organization invites target security firms
🔔 Push Security discovered a campaign where attackers create fraudulent OpenAI tenants impersonating real companies and send legitimate-looking invites to employees. The invites originate from OpenAI notification addresses, pass authentication checks, and assign recipients Owner privileges within the fake organization. Attackers used Gmail accounts to pose as company executives and even attached a billing card to the tenant, likely to reduce suspicion. Push Security warns employees could be tricked into submitting sensitive data into the workspace and advises verification and monitoring of SaaS memberships.
