Phishing Emails Push Fake ChatGPT and Gemini iOS Apps To Steal Logins

Cybersecurity News (original news source: cybersecuritynews.com), by Blog Writer

A sophisticated phishing campaign is targeting iPhone users by impersonating two of the world’s most trusted AI brands — OpenAI’s ChatGPT and Google’s Gemini.

The attackers are sending out deceptive emails designed to lure recipients into downloading fake applications from Apple’s official App Store.

What makes this operation stand out is that the malicious apps are not disguised as random utilities — they are wrapped in the credibility of well-known AI platforms that millions of professionals interact with every day.

Once a victim downloads one of these applications, they are led into a credential harvesting trap that silently collects their Facebook login information.

The attack begins with a phishing email formatted to resemble legitimate outreach from ChatGPT or Gemini.

These messages are carefully written to appeal to business users, marketers, and social media professionals, presenting the fake apps as advertising management or AI-powered business tools.

The email contains a direct link that routes the recipient to a listing on Apple’s App Store, a platform most users trust by default.

This trust is central to the campaign’s effectiveness, since very few users stop to question an application that appears to be properly listed on an official distribution platform.

SpiderLabs analysts identified two fraudulent listings on the Apple App Store during their investigation.

The first was GeminiAI Advertising with the App Store identifier id6759005662, and the second was Ads GPT carrying the identifier id6759514534, both hosted on the Australian App Store storefront.

Upon launching either application, users are not presented with any real AI functionality or business features as advertised.

Instead, the app immediately surfaces a fake Facebook login screen and prompts the user to enter their credentials, supposedly to link an account for advertising purposes.

This campaign signals a significant tactical shift among credential-harvesting threat actors. Rather than constructing fake websites or relying on malicious email attachments, the attackers here chose to infiltrate an official app marketplace to add a layer of legitimacy to their operation.

Apple’s App Store is widely perceived as a tightly controlled environment, which makes it a powerful trust signal for unsuspecting users.

The fact that these malicious apps were able to appear there, even briefly, highlights the challenge of vetting every application that passes through large-scale digital distribution platforms.

How the Credential Theft Unfolds

The success of this campaign depends on a carefully staged chain of trust that begins long before the user ever opens the fake app.

An email appearing to come from a recognized AI platform sets the expectation that the linked tool is both legitimate and useful.

By the time the victim navigates to the App Store and installs the application, they have passed through several credibility checkpoints, each one reinforcing the belief that they are dealing with a real product.

Once the application is installed and launched, it bypasses any genuine onboarding process and displays a Facebook login screen almost immediately.

Fake Facebook Login Interface (Source – SpiderLabs)

This interface closely mirrors Facebook’s native login design, giving no obvious indication to the average user that anything is wrong. Credentials submitted through this fake form are captured in real time and sent to infrastructure controlled by the attackers.

The stolen data gives threat actors direct access to personal Facebook profiles, business ad accounts, and pages linked to the compromised account — making the payoff significant for financially motivated attackers.

Users who receive unsolicited emails promoting AI-powered applications should verify the sender’s actual email address rather than relying on the display name alone.

Before downloading any app, cross-checking the developer name, reading user reviews, and scanning the description for inconsistencies can reveal signs of fraud.

Enabling two-factor authentication on Facebook and other social media accounts provides meaningful protection even when a password has been stolen.

Security teams within organizations are also encouraged to circulate awareness about this type of campaign, and employees should be reminded to report any suspicious email that promotes software downloads, no matter how familiar the impersonated brand may seem.

IoCs

Type:      Malicious App URL
Indicator: hxxps[://]apps[.]apple[.]com/au/app/geminiai-advertising/id6759005662
Context:   Fake GeminiAI Advertising app on AU App Store

Type:      Malicious App URL
Indicator: hxxps[://]apps[.]apple[.]com/au/app/ads-gpt/id6759514534
Context:   Fake Ads GPT app on AU App Store
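A mailbox-side triage check for this campaign, written here as an added example (it is not code from SpiderLabs or the article): it parses the From header to catch a brand name in the display name whose sender domain does not belong to that brand, and flags App Store links whose identifier matches the two IoCs above. The sample email, the brand-to-domain list and the domain names in it are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample in the style the article describes; not a real capture.
SAMPLE_EMAIL = """From: "ChatGPT for Business" <noreply@mail-openai-ads.example>
To: marketer@example.org
Subject: Manage your ads with Ads GPT

Download the official app: https://apps.apple.com/au/app/ads-gpt/id6759514534
"""

# Brands impersonated in the campaign and the domains a genuine sender would
# use (assumed mapping for the example; extend it for your own environment).
BRAND_DOMAINS = {
    "chatgpt": ("openai.com",),
    "openai": ("openai.com",),
    "gemini": ("google.com",),
}

# App Store identifiers taken from the article's IoC list.
KNOWN_BAD_APP_IDS = {"id6759005662", "id6759514534"}

# Matches an apps.apple.com link and captures its trailing idNNN identifier.
APP_STORE_LINK = re.compile(r"https?://apps\.apple\.com/\S*?/(id\d+)", re.IGNORECASE)


def brand_mismatch(display_name, address):
    """Return the brand named in the display name when the sender domain is
    not one that brand actually uses (display name vs. real address check)."""
    domain = address.rsplit("@", 1)[-1].lower()
    for brand, domains in BRAND_DOMAINS.items():
        if brand in display_name.lower():
            if not any(domain == d or domain.endswith("." + d) for d in domains):
                return brand
    return None


def analyze(raw):
    """Return a list of findings for one raw RFC 822 message."""
    msg = message_from_string(raw)
    display_name, address = parseaddr(msg.get("From", ""))
    findings = []
    brand = brand_mismatch(display_name, address)
    if brand:
        findings.append(f"display name claims '{brand}' but sender domain is "
                        f"{address.rsplit('@', 1)[-1]}")
    for app_id in APP_STORE_LINK.findall(msg.get_payload()):
        if app_id.lower() in KNOWN_BAD_APP_IDS:
            findings.append(f"link to known-malicious App Store listing {app_id}")
        else:
            findings.append(f"App Store link to {app_id}; verify the developer name")
    return findings
```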
