AI & Deepfake Scamsmedium

FraudGPT: Subscription Service for AI-Generated Fraud, Available in Telegram

FraudGPT — a subscription AI fraud tool sold for $200/month on Telegram and dark web forums — offered phishing page generation, cracking tools, and malware writing capabilities, attracting thousands of subscribers within weeks.

Criminal AI Market·2023·2 min read

Background

Following WormGPT, criminal entrepreneurs competed to offer similar or superior AI fraud tools. FraudGPT launched in July 2023 and was sold via Telegram channels, making it accessible to anyone with a Telegram account.

The Attack

FraudGPT was marketed with specific features: creating undetectable malware, writing phishing pages for specific banks, creating cracking tools, and generating BEC email templates. The seller demonstrated the tool generating phishing pages for Bank of America and custom scam landing pages. Subscribers reported using it to create phishing kits for crypto wallets, bank impersonation pages, and spear-phishing emails for specific corporate targets. The tool was reported to have attracted over 3,000 subscribers within its first month.

Response

Netenrich researchers discovered and documented FraudGPT in July 2023. Multiple cybersecurity vendors published analysis. Law enforcement agencies were notified. The original seller continued operating under pressure, moving between Telegram channels as they were removed. Similar tools proliferated.

Outcome

FraudGPT demonstrated that criminal AI tools were becoming a commoditised market with competition, pricing tiers, and customer service. The Telegram distribution model made enforcement extremely difficult. Security teams began using AI phishing simulations to test whether employees could detect AI-generated content.

Key Takeaways

  1. Anti-phishing training must now include examples of AI-generated phishing — the old examples of poor grammar are obsolete
  2. Telegram channels are a primary distribution mechanism for criminal tools — monitor threat intelligence for emerging criminal AI services
  3. Phishing page detection must rely on URL analysis and certificate checking, not visual quality assessment
  4. Security vendor threat intelligence on dark web criminal tools enables proactive detection of new phishing kit infrastructure
FraudGPTTelegramsubscription fraudphishing kitcriminal LLM

More in AI & Deepfake Scams

2024critical

Deepfake CFO Video Call: Hong Kong Finance Worker Pays $25 Million

2 min readAI & Deepfake Scams
2025critical

Voice Cloning Bank Fraud: Your CEO's Voice Is Now a Hacking Tool

2 min readAI & Deepfake Scams
2019high

First Documented AI Voice Clone Fraud: CEO's Voice Transfers €220,000

2 min readAI & Deepfake Scams