Back to all posts

Your ChatGPT Answers Might Come From Hacked Websites

2025-07-20Efosa Udinmwen2 minutes read
Ai Security
Chatgpt
Cybercrime

Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.

As ChatGPT becomes a primary tool for people seeking recommendations on everything from software to local restaurants, new findings reveal that its suggestions may not be as reliable as they appear. The AI's answers are sometimes being sourced from websites that have been hacked or from expired domains repurposed to push spam, particularly for online casinos.

How Scammers Exploit AI Source Validation

This growing problem has been meticulously documented by James Brockbank of Digitaloft. His research highlights numerous examples where ChatGPT has been tricked into citing content from clearly manipulated websites.

In one disturbing instance, the professional website of a practicing attorney was hacked, with pages promoting UK casinos secretly added to the site. In another case, a domain that once belonged to a United Nations youth coalition was completely taken over and converted into a platform for online gambling. Similarly, an expired domain from a defunct arts charity, which still held authority from old links by the BBC and CNN, was revived to promote casino content and was subsequently cited as a source by ChatGPT.

Why This Deception Works

These tactics are effective because they exploit weaknesses in how ChatGPT currently selects and validates its sources. The AI model struggles to differentiate between a website's historical reputation and its current, often malicious, intent. It does not have robust mechanisms to verify if a site's ownership has changed or if its content has been compromised.

ChatGPT appears to give weight to a domain's legacy authority and the freshness of its content. This creates a loophole for bad actors who can acquire an expired, once-reputable domain or hack an existing one. By publishing new, spammy articles on these domains, they can fool the AI into treating their content as credible and including it in user-facing answers. This manipulation can happen without any obvious red flags for the end-user, who sees a confident answer from the AI.

How to Protect Yourself

The key takeaway is that users should approach ChatGPT's recommendations with caution. Do not automatically assume that every cited source is credible or legitimate. A quick check of a cited website's history, ownership, and overall relevance can reveal its true nature and help you avoid being misled by manipulated information.

Read Original Post
ImaginePro newsletter

Subscribe to our newsletter!

Subscribe to our newsletter to get the latest news and designs.