Summary: Following the launch of China’s DeepSeek AI chatbot, cybercriminals have rapidly created phishing sites that impersonate the company, aiming to steal sensitive information from unsuspecting users. Researchers have identified at least 16 fraudulent sites utilizing dynamic content and agile methods to evade detection, while also promoting fake investment and cryptocurrency scams. The surge in malicious activities underscores the importance of user vigilance and proactive protection measures against such threats.
Affected: DeepSeek users and organizations
Keypoints :
- At least 16 phishing sites impersonating DeepSeek have been reported, with fraudulent domains appearing in coordinated waves.
- Attackers display adjustable tactics based on user engagement and site trends, making them harder to track and shut down.
- Users engaging with these sites risk identity theft, financial fraud, including cryptocurrency scams, and malware infections.
- Malicious packages labeled “deepseekai” and “deepseeek” have also been found on the PyPI repository, targeting developers.
- The incident highlights the need for users to be cautious and for organizations to improve scam detection and takedown efforts.
Source: https://www.darkreading.com/cyber-risk/deepseek-phishing-sites-pursue-user-data-crypto-wallets