Beware, hackers have hijacked OpenAI’s 'invite your team'...

Pro
Security

Beware, hackers have hijacked OpenAI’s 'invite your team' feature to break into your business News By Efosa Udinmwen published 25 January 2026

Vishing calls follow emails to pressure victims into revealing account details

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Image Credit: TechRadar (Image credit: Shutterstock / Mehaniq) Share Share by:

Copy link
Facebook
X
Whatsapp
Reddit
Pinterest
Flipboard
Threads
Email

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google

Fraudsters send emails from legitimate OpenAI addresses to trick users
Deceptive organization names hide malicious links designed to capture sensitive information
Businesses are targeted because multiple employees can receive malicious invitations simultaneously

Kaspersky has uncovered a sophisticated scam which exploits OpenAI’s team invitation system to attack unsuspecting users.

Fraudsters register accounts and embed deceptive links or phone numbers directly into the organization name field.

They then use the “invite your team” feature to send emails from legitimate OpenAI addresses, making the messages appear fully authentic.

Email contents are deceptive

Kaspersky warns these emails can easily trick recipients into clicking malicious links or calling fraudulent numbers, potentially causing serious data or financial losses.

The content of these scam emails varies, but the goals remain consistent. Some messages claim that a subscription has been renewed for an unusually large sum, while others promote fraudulent offers, including adult services.

Kaspersky notes attackers often combine email and voice tactics, using vishing to pressure recipients into acting immediately.

The text in these emails frequently shows structural inconsistencies, yet attackers rely on recipients overlooking these irregularities.

Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

Businesses face higher risk because attackers can target multiple employees at the same time.

Kaspersky recommends treating all unsolicited invitations with suspicion, even when they appear to come from trusted platforms.

Users should carefully inspect all URLs before clicking, avoid calling numbers included in suspicious messages, and report unusual activity to the service provider.

You may like

Watch out - this fake Microsoft Teams app is actually dangerous malware, here's how to stay protected
AI scams surge: how consumers and businesses can stay safe
Hackers impersonate TechCrunch reporters to steal sensitive information - but you can always trust us

Users should enable multi-factor authentication across all accounts to reduce risk, but stronger protection also requires technical defenses.

Endpoint protection and strong firewall setups remain essential, and immediate malware removal is necessary if any interaction with a scam link occurs.

The attack shows how criminals can turn even trusted collaboration features into tools for fraud.

To avoid these threats effectively, organizations and individuals must remain vigilant.

“This case highlights a vulnerability in how platform features can be weaponized for social engineering email attacks. By embedding deceptive elements in seemingly innocuous fields like organization names, scammers attempt to bypass traditional email filters and exploit user trust in reputable services,” said Anna Lazaricheva, senior spam analyst at Kaspersky.

“We urge all users to verify invitations carefully and avoid clicking embedded links without scrutiny. We also recommend that brands consider whether attackers could abuse their online services or platforms.”

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Efosa UdinmwenFreelance Journalist

Efosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master's and a PhD in sciences, which provided him with a solid foundation in analytical thinking.

Show More Comments

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Logout Read more Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.

Watch out - this fake Microsoft Teams app is actually dangerous malware, here's how to stay protected Abstract image of cyber security in action.

AI scams surge: how consumers and businesses can stay safe Phone scammer

Hackers impersonate TechCrunch reporters to steal sensitive information - but you can always trust us A hacker typing on a MacBook laptop with code on the screen.

A hacker typing on a MacBook laptop with code on the screen.

'Weaponized AI' could be the biggest security threat facing your business this year - here's what experts say you should be on the lookout for A person holding a phone looking at a scam text with warning signs around

A person holding a phone looking at a scam text with warning signs around

Watch out - these scam Mac Store apps are impersonating Google Gemini & OpenAI ChatGPT An AI face in profile against a digital background.

How AI is supercharging social engineering - and what businesses can do about it Latest in Security Back View of Young Black Man Walking and Looking at Big Digital Screens Glitching While Displaying Code Lines. Professional Hacker Breaking Through Cybersecurity Protection System, Changing Code

Back View of Young Black Man Walking and Looking at Big Digital Screens Glitching While Displaying Code Lines. Professional Hacker Breaking Through Cybersecurity Protection System, Changing Code

Huge data leak of 149 million credentials exposed without any protection – 98GB of unique usernames and passwords from financial services, social media accounts and dating apps Phishing, E-Mail, Network Security, Computer Hacker, Cloud Computing Cyber Security 3d Illustration

Phishing, E-Mail, Network Security, Computer Hacker, Cloud Computing Cyber Security 3d Illustration

Crowdstrike and Nord Security partnership nests Falcon Go and Falcon Enterprise directly through NordLayer – combined enterprise-grade protection with VPN and ZTNA for SMBs A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system

A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system

Microsoft SharePoint exploited to hack multiple energy firms Malware attack virus alert , malicious software infection , cyber security awareness training to protect business

Malware attack virus alert , malicious software infection , cyber security awareness training to protect business

Curl will stop bug bounties program due to avalanche of AI slop A man making a phone call and looking confused

Custom-made 'vishing' kits are attacking SSO accounts across the world - Google, Microsoft and Okta under threat, here's what we know Best free Linux firewalls

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data Latest in News The Insta360 X5 and X4 Air action cameras in an outdoor setting under natural light

The Insta360 X5 and X4 Air action cameras in an outdoor setting under natural light

The Insta360 CEO just leaked two upcoming cameras in one teaser image Row of Samsung Galaxy S25 phones

The Galaxy S26 Series looks like getting one of the best Pixel features ICYMI header image with Sony Buds, Spotify Playlists, and Polar Loop band.

ICYMI: the week's 7 biggest tech stories from ChatGPT to OLED TVs A still of Disneyland Construction from 'Disneyland Handcrafted'

Disneyland Handcrafted is a fascinating look at how Disneyland was built Disney’s “The Muppet Show” stars Sabrina Carpenter and the original Muppet cast

Disney’s “The Muppet Show” stars Sabrina Carpenter and the original Muppet cast

We just watched the official The Muppet Show on Disney+ trailer and now we're going gonzo Lego Smart Bricks on Wireless Charger

Lego on why Smart Bricks needed custom wireless charging LATEST ARTICLES

1Beware, hackers have hijacked OpenAI’s 'invite your team' feature to break into your business
2Samsung's new brighter OLED TV tech is great, but it won't dominate LG yet
3This hidden feature I found makes it much easier sculpt your Wi-Fi speaker’s sound
4Are robot window cleaners any good? I tested one – here's what you need to know before you buy
5Klipsch Flexus Core 100 review: a commendable, compact Dolby Atmos soundbar

Beware, hackers have hijacked OpenAI’s 'invite your team' feature to break into your business

Email contents are deceptive

Related Articles

Your future BMW electric M3 will still sound like a real M car

Your WhatsApp voice notes could help screen for early signs of depression

Your charging cable might get a workout if you try ‘Charchery’