Downloading AI tools from Facebook is probably downloading trouble

Photo (c) Bill Hinton - Getty Images

Here's how to detect these AI phishing attacks

The world’s newest shiny object – artificial intelligence – is quickly losing its sheen.

Not because it’s not cool or useful, but because cybercriminals are setting traps to try and bait the curious among us into downloading password-stealing malware.

New evidence from Check Point Research pins the tail of this scam donkey directly on Facebook. Check Point says cybercriminals are luring Facebook’s billions of users into downloading malware by setting up fake pages and ads for popular generative AI brands.

Many of these fake pages have tens of thousands of followers, which can lead to tens of thousands of problems – all playing out like this:

  • Cybercriminals use Facebook to impersonate popular generative AI brands, including ChatGPT, Google Bard, Midjourney, and Jasper.

  • The crooks use fake ads and brand pages from those AI products to try and get Facebook users to download malware posing as software from the actual AI company.

  • Malicious malware is contained in these downloads, which steals their online passwords (banking, social media, gaming, etc), crypto wallets, and any other information they save to their computers.

  • However, innocent users are liking and commenting on these fake posts, thereby unknowingly spreading the attack to their own social networks.

“Cyber criminals are getting smarter. They know that everyone is interested in generative AI and are using Facebook pages and ads to impersonate ChatGPT, Google Bard, Midjourney, and Jasper,” Sergey Shykevich, Threat Intelligence Group Manager, Check Point Research, said.

“Unfortunately, thousands of people are falling victim to this scam. They are interacting with the fake pages, which furthers their spread – and are even installing malware which is disguised as free AI tools. We urge everyone to be vigilant in ensuring they are only downloading files from authentic and trusted sites.”

How to spot phishing scams in the new AI world

Yes, these attempts are basically phishing attempts, but phishing attempts on acid. And because of this, Check Point reminds everyone who uses anything digital – the web, apps, email, chat, text messaging, etc. – that they have to be smarter than ever before to keep themselves safe.

The company suggests that in our new AI-driven world, we can take note of the nuances and save ourselves from being victimized with these steps:

  • Ignore display names: The display name of a phishing site or email can be configured to display anything a scammer wants. Verify that the sender's email or web address is trustworthy and authentic instead of looking at the display name.

  • Verify the Domain: A common trick used by phishers is to use domains with minor misspellings or that seem plausible. A URL may be replaced with in an email, or may be replaced with It's a good indication of a scam if you find these misspellings.

  • Always download software from trusted sources: Facebook groups are not the best place to download software. Instead, use an official webpage from a trusted source. And whatever you do, don't click on downloads from groups, unofficial forums, etc.

  • Check the Links:  In URL phishing attacks, malicious links are used to trick recipients into clicking them. One good way to check out the validity of a link is by hovering over it within an email, checking if it actually goes where it says it does. You can also check suspicious links with phishing verification tools like to see if they are known phishing links.

Take an Identity Theft Quiz. Get matched with an Authorized Partner.