Bỏ qua đến nội dung chính
Back to home
Tech AI 2 min read

Warning: Fake OpenAI GPT-5.6 Codex credit phishing campaign spreads on X

Multiple accounts on X are spreading a fake OpenAI Codex credit giveaway promising $100, aiming to steal user credentials via a phishing website.

Tier 1 · sources 64% confidence Reviewed
Sources x.com

A malicious online phishing campaign has recently emerged on the social media platform X, impersonating official OpenAI accounts to lure users. Scammers promise $100 in Codex credits to the first 10,000 users who share their feedback on a hypothetical "GPT-5.6 Sol" model or their reasons for switching. This is a sophisticated phishing tactic targeting the developer community and AI enthusiasts.

Detailed Developments

According to posts observed on X, phishing accounts have been distributing content urging users to write reviews to claim a reward. Users are directed to post on X and then visit a confusing domain named "switch-to-codex.openai.chatgpt.site" to claim their free tokens. The campaign exploits the eagerness of users to try next-generation AI models and receive API funding to quickly attract a large number of victims.

Technical & Technology Analysis

The domain used in this campaign is deliberately designed with familiar keywords such as "openai", "chatgpt", and "codex" to build false trust. However, the actual domain extension is ".site" rather than OpenAI's official web domains. Upon visiting, this fraudulent website may prompt users to connect cryptocurrency wallets, log into their OpenAI accounts, or provide sensitive personal information to steal digital assets and system credentials.

Expert Opinions & Insights

Security experts advise users to absolutely avoid clicking on any unfamiliar links that do not originate from verified official OpenAI communication channels. Currently, OpenAI has not announced any version named "GPT-5.6 Sol" or any massive Codex credit giveaway program tied to social media posting. This represents a textbook example of a social engineering attack.

Impact & Future

This incident highlights how cybercriminals are increasingly exploiting the artificial intelligence boom to launch targeted phishing campaigns. Readers and the tech community should remain highly vigilant, double-check URLs before entering credentials, and enable multi-factor authentication (MFA) to protect themselves against sophisticated brand impersonation tactics.