Phishing Emails Spread Fake ChatGPT & Gemini iOS Apps to Steal Facebook Logins
Cybercriminals are ramping up a sneaky phishing campaign that masquerades as exciting updates from AI giants ChatGPT and Gemini.
These deceptive emails trick iPhone users into downloading bogus apps from Apple’s own App Store, all under the guise of handy business or ad management tools.
How Fake Apps Hijack Your Facebook Logins
Once installed, the apps go straight for your Facebook login details, harvesting credentials to hijack accounts for scams, ad fraud, or worse.
The emails look convincing at first glance, with polished branding, urgent calls to “upgrade your AI ad tools,” and direct links pointing to what seem like legitimate App Store pages.
But dig deeper, and the malice reveals itself. Targets receive messages claiming exclusive access to “Gemini AI Advertising” or “Ads GPT,” promising smarter ad campaigns powered by cutting-edge AI.
Eager marketers or small business owners click through, install the apps from the App Store, and boom: they are prompted to “connect” their Facebook accounts for full functionality. Instead of insights, attackers snag usernames, passwords, and session tokens.
| App Name | Malicious URL |
|---|---|
| Gemini AI Advertising | hxxps://apps.apple.com/au/app/geminiai-advertising/id6759005662 |
| Ads GPT | hxxps://apps.apple.com/au/app/ads-gpt/id6759514534 |
Notice the Australian (/au/) storefront: attackers use region-specific links to dodge broader scrutiny, but they work globally if you’re logged in.
Once credentials flow in, thieves can pivot to Facebook Business Manager takeovers, draining ad budgets or spreading further phishing via legit-looking pages.
Why this hits hard: Facebook powers massive ad ecosystems, and AI hype makes these lures irresistible. Unlike crude SMS scams, these leverage App Store trust, with no sideloading from shady sites required.
Users grant permissions blindly, assuming Apple’s vetting catches fakes. Spoiler: Overloaded review processes let some slip through.
Spot the traps: Emails from odd domains (not openai.com or google.com), pressure to act fast, and apps demanding Facebook logins for “AI optimization.”
Always verify via official sites, enable 2FA everywhere, and scan downloads with tools like VirusTotal.
According to SpiderLabs, the campaign underscores a grim trend of phishers hijacking trusted platforms like the App Store to steal from interconnected accounts.
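For mail triage, the two App Store IDs in the table and the "odd sender domain" check above can be combined into a simple filter. This is an added example, not code from the original report; the function names, the brand keyword map, and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# App Store IDs taken from the table on this page (listed there as defanged URLs).
KNOWN_BAD_APP_IDS = {"6759005662", "6759514534"}
# Brand keyword -> sender domain the article treats as legitimate (assumed mapping).
BRAND_DOMAINS = {"gpt": "openai.com", "gemini": "google.com"}
APP_LINK = re.compile(r"https?://apps\.apple\.com/\S*?/id(\d+)", re.I)

def refang(text):
    """Undo common defanging so defanged and live links match the same regex."""
    return re.sub(r"hxxp", "http", text, flags=re.I).replace("[.]", ".")

def body_text(msg):
    """Concatenate all text parts, decoding base64/quoted-printable bodies."""
    parts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    return "\n".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                     for p in parts)

def triage(raw_email):
    """Return findings (list of str) for one RFC 5322 message."""
    msg = message_from_string(raw_email)
    domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")[2]
    text = refang(msg.get("Subject", "") + "\n" + body_text(msg))
    findings = []
    for app_id in sorted(set(APP_LINK.findall(text))):
        if app_id in KNOWN_BAD_APP_IDS:
            findings.append(f"known-bad App Store ID {app_id}")
    for brand, legit in BRAND_DOMAINS.items():
        mismatch = domain != legit and not domain.endswith("." + legit)
        if brand in text.lower() and mismatch:
            findings.append(f"mentions {brand} but sender domain is {domain}")
    return findings

# Constructed sample messages (sender addresses are made up for this example).
SAMPLE_PHISH = """From: "Gemini AI Team" <updates@ai-ads-upgrade.example>
Subject: Upgrade your AI ad tools
Content-Type: text/plain

Exclusive access to Gemini AI Advertising:
hxxps://apps.apple.com/au/app/geminiai-advertising/id6759005662
"""
SAMPLE_BENIGN = """From: Google <no-reply@accounts.google.com>
Subject: What's new in Gemini
Content-Type: text/plain

Read the release notes at https://blog.google/
"""
```

The keyword match is a coarse heuristic for routing messages to review; a hit on one of the listed App Store IDs is the stronger signal.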