HomeIntelligenceBrief
BREACH BRIEF🟠 High ThreatIntel

Fraudulent OpenAI Tenant Invitations Lure Cybersecurity Firms into Credential‑Harvesting Campaign

Threat actors created counterfeit OpenAI ChatGPT workspaces and sent authentic‑looking invitations to cybersecurity firms. Employees who accepted were added to a malicious tenant where attackers could capture any data entered. The scenario underscores the need for robust security awareness training and SaaS onboarding controls in a SOC 2 program.

LiveThreat™ Intelligence · 📅 June 26, 2026· 📰 bleepingcomputer.com
🟠
Severity
High
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
4 recommended
📰
Source
bleepingcomputer.com

Fraudulent OpenAI Tenant Invitations Lure Cybersecurity Firms into Credential‑Harvesting Campaign

What Happened – Threat actors created counterfeit OpenAI ChatGPT workspaces that mimic legitimate company tenants. Invitations were sent from OpenAI’s genuine notification address, passed SPF/DKIM checks, and granted the recipient “Owner” privileges. Employees who accepted were added to a tenant controlled by the attacker, who could then harvest any data entered into the workspace.

Why It Matters for Compliance & Audit Readiness

  • Demonstrates a gap in SOC 2 CC6.1 – Security Awareness Training: employees must be able to recognize sophisticated SaaS‑onboarding phishing attempts.
  • Provides a concrete example of why continuous evidence of policy enforcement (e.g., SaaS‑vendor verification logs) is required for audit readiness.
  • Highlights the need for documented incident response to unauthorized SaaS tenant creation, supporting the “Incident Management” control set.

Who Is Affected – Cybersecurity and broader technology service firms that use OpenAI’s enterprise ChatGPT offering.

Recommended Actions

  • Amend SaaS onboarding policies to require multi‑factor verification of tenant ownership before accepting any invitation.
  • Run targeted phishing‑simulation training that includes AI‑tool invitations and the subtle “email domain mismatch” warning.
  • Enable logging of all OpenAI tenant creation events and monitor for mismatched billing information.
  • Incorporate the invitation review process into your SOC 2 evidence collection (e.g., screenshots, ticket records).

Source: BleepingComputer – Cybersecurity firms targeted by fraudulent OpenAI organization invites

Technical Notes – The attack leverages legitimate OpenAI email infrastructure (noreply@tm.openai.com) and passes standard email authentication (SPF/DKIM). The malicious tenant is created with attacker‑controlled Gmail accounts, and the “Owner” role grants full admin rights, enabling potential data exfiltration from any ChatGPT project. No known CVEs are involved; the vector is social engineering.

📰 Original Source
https://www.bleepingcomputer.com/news/security/cybersecurity-firms-targeted-by-fraudulent-openai-organization-invites/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Security Awareness

Awareness is a control you can evidence too.

Verisq AI Trust Operations records training completion and policy adoption as audit evidence — turning 'we train our staff' into something you can actually prove.

See how Verisq AI Trust Operations covers awareness →