Scammers have found a new way to reach shoppers: getting ChatGPT to do their marketing for them. According to The Guardian, scam-checking service Ask Silver found that OpenAI’s chatbot is recommending fraudulent retail websites built to harvest payment details from unsuspecting buyers. The sites mimic real storefronts and use official-looking URLs, making them difficult to spot without scrutiny.
Defunct brands are a prime target
Scammers appear to be deliberately targeting brands that have recently shut down or been acquired, leaving a gap between consumer demand and an official web presence.
Ask Silver’s Anna Jones told The Guardian that Russell & Bromley, the British footwear retailer that went into administration in January 2026, is one example. With no official site remaining after Next absorbed the brand, fraudsters built a convincing clone and optimized it to surface in ChatGPT’s results. Shoppers who ask the chatbot for Russell & Bromley products by name get pointed straight to it.
Jones said one possible explanation is that bad actors have seeded ChatGPT’s training data with content designed to promote fraudulent pages, a technique sometimes called data poisoning.
OpenAI appears to have updated its results for shopping queries related to Russell & Bromley, and it now shows a warning stating, “Several websites currently advertising Russell & Bromley products at 80% appear suspicious and may not be official retailers. Recent reports have highlighted fake Russell & Bromley stores appearing in AI-powered search results.”
A bigger problem as AI takes over shopping
Research published last year found that ChatGPT already struggles to give consistent, reliable product recommendations, but misdirecting users to scam sites is a more serious failure. The problem is likely to grow as AI becomes a more active part of the buying process.
Louise Baxter of the UK’s National Trading Standards told The Guardian that fraudsters adapt quickly to new technology. With agentic AI shopping already in its early stages, the window to address this vulnerability is narrow.