You may have seen it featured on BBC's Rip Off Britain: a chilling new wave of cybercrime targeting UK residents through what looks like a helpful browser tool. Fraudsters are now using the hype around Artificial Intelligence to trick people into installing malicious software that grants criminals complete control over their computers.
Here is everything you need to know to stay safe.
How the Scam Works
The "AiFrame" campaign is a sophisticated operation that has already claimed over 300,000 victims. It doesn't start with a shady email, but often with a simple search for productivity tools.
- The Hook: You find a browser extension (usually for Chrome) that promises to be an "AI PDF Reader," "AI Sidebar," or "Gemini/ChatGPT Assistant".
- The Installation: Once installed, the extension looks and acts like a real AI. It might even give you plausible answers to your questions by "proxying" a real AI service in the background.
- The Hidden Payload: While you think you're just summarising a document, the extension is actually a remote access broker. It uses hidden code (iframes) to connect your browser to a server controlled by hackers.
- The Theft: The scammers can now "scrape" everything you do. This includes:
  - Reading your private emails and drafts in Gmail.
  - Capturing passwords as you type them.
  - Stealing API keys or session tokens to bypass two-factor authentication.
Why It Is So Convincing
Unlike the clunky scams of the past, these "AI assistants" are incredibly polished.
- Official Stores: Many of these were found on the official Chrome Web Store, some even sporting "Featured" badges from Google, which gives users a false sense of security.
- Brand Hijacking: They often use names like "Gemini AI" or "ChatGPT" to piggyback on the trust you have in major tech companies.
- Professional Logic: The extensions use "Readability" libraries—the same tech used by legitimate "Reader Mode" apps—to scan your pages, making their activity look like normal browser behaviour to most security software.
Red Flags: How to Spot a Fake AI Tool
As highlighted on Rip Off Britain, you should be on high alert if an add-on:
- Requests "Read and change all your data on all websites". While some legitimate tools need this, it is a massive red flag for a simple PDF reader.
- Comes from an unknown developer. Always click the developer name in the Web Store. If they have no website or a very generic-looking one (like "tapnetic[.]pro"), steer clear.
- Is pushed via unsolicited ads. Be wary of "sponsored" links at the top of search results or adverts on social media promising "free" pro-level AI features.
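One way to check the first red flag on your own machine, as an added example (not part of the original article or the programme): this Python script reads each installed Chrome extension's manifest.json and lists the ones that ask for access to every website. The sample manifest is constructed, and the profile path is the assumed default for Chrome on Linux.

```python
import json
from pathlib import Path

# Match patterns that mean "every website" (Chrome describes these to the
# user as "Read and change all your data on all websites").
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
PERMISSION_KEYS = ("permissions", "host_permissions",
                   "optional_permissions", "optional_host_permissions")

def broad_host_access(manifest):
    """List every place a parsed manifest.json grants access to all sites."""
    findings = []
    for key in PERMISSION_KEYS:  # MV2 lists hosts in "permissions", MV3 in "host_permissions"
        for value in manifest.get(key, []):
            if isinstance(value, str) and value in BROAD:
                findings.append(f"{key}: {value}")
    for i, script in enumerate(manifest.get("content_scripts", [])):
        for pattern in script.get("matches", []):
            if pattern in BROAD:
                findings.append(f"content_scripts[{i}].matches: {pattern}")
    return findings

def audit_extensions(ext_root):
    """Scan <ext_root>/<extension id>/<version>/manifest.json and report hits."""
    report = {}
    for path in sorted(Path(ext_root).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        findings = broad_host_access(manifest)
        if findings:
            ext_id = path.parent.parent.name
            report[ext_id] = {"name": manifest.get("name", "?"), "findings": findings}
    return report

# Constructed sample manifest (not taken from any real extension).
SAMPLE = {"manifest_version": 3, "name": "Example AI PDF Reader",
          "permissions": ["storage", "scripting"],
          "host_permissions": ["<all_urls>"],
          "content_scripts": [{"matches": ["*://*/*"], "js": ["reader.js"]}]}

if __name__ == "__main__":
    print(broad_host_access(SAMPLE))
    # Assumed default Chrome profile path on Linux; adjust for your OS and profile.
    root = Path.home() / ".config/google-chrome/Default/Extensions"
    for ext_id, info in audit_extensions(root).items():
        print(ext_id, info["name"], info["findings"])
```

A hit is a reason to look closer rather than proof of a scam, since some legitimate tools need this access; extensions with translated names may show a `__MSG_...__` placeholder in the name field.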
What to Do if You’ve Been Ripped Off
If you have installed one of these extensions, or something similar, take these steps immediately:
- Remove the Extension: Go to your browser settings and delete any AI-related add-ons you don't 100% recognise.
- Change Your Passwords: Because these tools can "scrape" your screen, consider all passwords entered while the extension was active to be compromised.
- Check Your "Sent" Folder: Scammers often use your Gmail to send "Hi Mum/Dad" or recruitment scams to your contacts.
- Report It: In the UK, you should report the incident to Action Fraud (the UK’s national reporting centre for fraud and cybercrime) and JobsAware if it involved a fake job offer.
The Bottom Line: If a new AI tool feels "too good to be true" or asks for deep access to your browser, it probably is. Stick to well-known, verified applications from major developers.
Image: Beware the "AI PDF" SCAM
