Malicious trendjackers are cashing-in on DeepSeek: Tips for staying safe

By L L Seow | Thursday, February 6, 2025, 9:39 AM Asia/Singapore

Reminiscent of GhostGPT, FraudGPT and WormGPT, new malicious campaigns are in force to hoodwink people interested in trying out DeepSeek

Cybercriminals are constantly latching onto new social and technological trends to exploit. Right now, the new DeepSeek generative AI (GenAI) chatbot is at the center of attention, and people have been trying to download and test it in droves.

However, just as when the other earlier GenAI chatbots were launched, numerous fake apps, fake registration pages and app download scams have surfaced to cash-in on consumer curiosity over DeepSeek.

In addition, according to Olga Svistunova, Senior Web Content Analyst, Kaspersky, “due to high numbers of new users and an alleged cyberattack on DeepSeek, there are glitches in the registration process on DeepSeek’s app and website: many registrations cannot come through. This situation can be used by cybercriminals to steal the credentials of users through fake DeepSeek web pages.”

Other than fake download pages and spoofed domains, cybercriminals have also created:

Malicious and/or copycat software purporting to be the chatbot, lying in wait for people who have downloaded the apps to launch the code and become exposed to a broad range of malicious activities
Email campaigns or social media messages that appear to be from DeepSeek, aiming to steal personal information or convince people to pay for the download, among other ruses.
Various new crypto tokens based on the DeepSeek hype but actually not tied to the DeepSeek brand officially. The operators entice individuals with promises of high returns, leading victims to invest in non-existent or worthless assets.
Fake AI-driven services, claiming to offer enhanced functionalities or exclusive features based on DeepSeek. Users are prompted to subscribe or pay for these non-existent services, resulting in financial loss and potential exposure to malware. An example includes a fraudulent website promoting a premium version of DeepSeek that promised superior performance but instead phished for users’ payment information.

Deepseek ways to stay safe
Staying safe from such opportunistic and malicious trendjacking does not currently require people to seek unique safety tips deeply. The usual cyber hygiene best practices apply.

Always be on the lookout for phishing tactics, deepfake and impersonation scams in all your web activities.
Be on extreme alert when unsolicited advertisements or messages offer cryptocurrency investments promising high returns and/or unique get-rich-quick techniques.
When downloading new apps to try, stick to the official app stores. Even then, such stores are not always vigilant or capable of detecting malicious apps until it is too late! Avoid sideloading dubious apps in the Android OS.
Carefully check the addresses of pages asking for account credentials: If there is even the slightest suspicion that a website is fake, do not enter any login information,
Make sure all your passwords are both strong and unique, supported by multi-factor authentication, biometric and other added verification processes available.
Install trusted, established web security and anti-malware tools on all your devices (desktop and mobile).

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper
Mitigating Ransomware Risks with GRC Automation
In today’s landscape, ransomware attacks pose significant threats to organizations of all sizes, with increasing …Download Whitepaper

Middle-sidebar-banner

Case Studies

Outgrowing limited perimeter-based security, DAIKYO ascends to zero trust holistic identity security
Besides gaining improved incidence response, the firm and its subsidiaries has reported increased productivity and …Read more
CASE STUDIES: Insider Threat Detection & Response
Insider threats are on the rise, with 60% of data breaches involving insiders. Explore how …Read more
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Read more
Unlock Your Guide to Securing Business Critical Secrets
Is your organization effectively managing access to sensitive secrets like credentials, API keys, and certificates …Read more

Featured

Strengthening payment security against AI threats

Featured

Security, convenience and fraud management in digital payments

Featured