Cybersecurity firm Kaspersky has uncovered a scam campaign in which fraudsters are using features on the OpenAI platform to send spam and scam emails that appear to come from official OpenAI email addresses.
According to Kaspersky, the attackers are abusing OpenAI’s organisation creation and “invite your team” features. These tools are meant for legitimate collaboration, but scammers are using them to deliver deceptive messages directly into people’s inboxes.
The scheme begins when attackers create an account on OpenAI and register an organisation. During this process, users are allowed to enter any text as an organisation name. Kaspersky says scammers take advantage of this by inserting misleading messages, web links or phone numbers into the organisation name itself.
After creating the organisation, the attackers use the platform’s team invitation option to send invitations to selected email addresses. Because the invitations are sent from OpenAI’s official email system, the messages appear genuine and are more likely to be trusted.
Kaspersky said it detected several types of scams delivered through this method. Some emails promote fraudulent services, including adult content. Others are vishing scams, where recipients are falsely told that a subscription has been renewed for a large amount of money and are asked to call a phone number to cancel the charge. Victims who call the number may be pressured into sharing personal or financial information.
Although the scam messages do not fully match the design of standard OpenAI invitation emails, Kaspersky noted that many recipients may not notice the differences. The deceptive text is often shown in bold and stands out from the rest of the invitation template, which was originally designed for inviting collaborators to a project.
“This case highlights a vulnerability in how platform features can be weaponised for social engineering email attacks,” said Anna Lazaricheva, Senior Spam Analyst at Kaspersky.
“By embedding deceptive elements in seemingly harmless fields like organisation names, scammers try to bypass email filters and take advantage of user trust in reputable services,” she said. “We urge users to verify invitations carefully and avoid clicking links or calling numbers included in such messages.”
Lazaricheva also warned technology companies to review how their platforms can be misused. “Organisations that operate digital services should regularly assess whether their features could be abused by attackers,” she added.
For Nigerian users, the warning is especially relevant as scam emails and phone-based fraud remain common. Kaspersky advised people to treat unexpected collaboration invites with caution, even when they appear to come from well-known global companies.
The company said the campaign shows how cybercriminals are increasingly relying on trusted platforms, rather than fake websites or hacked emails, to carry out scams.
