Fake Customer-Service Chatbots
AI chatbots posing as brand support to extract logins, payments or remote access.
Last reviewed: 1 June 2026
What this scam is
Fake customer-service chatbots impersonate a brand's AI support on fake sites, ads, or social channels, smoothly guiding you to share logins, card details, or install software.
How it works
You reach a 'support chatbot' via a search ad or fake page. The convincing AI conversation collects your details to 'verify your account' or 'process a refund', then uses them for fraud.
Common red flags
- Support chat reached via an ad rather than the official site
- Bot requests passwords, full card details, or codes
- Pressure to install software or pay a fee
- Slightly-wrong branding or domain
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Hi! I'm [brand]'s AI assistant. To process your refund, please confirm your login and card details.
Payment methods used
- Credentials/card details harvested
- Remote-access theft
Who is usually targeted
- Customers seeking support
- Refund seekers
What to do immediately
- Use only official support reached from the brand's real site/app
- Never share passwords, full card details, or codes with a chatbot
- Report and, if exposed, secure your accounts and contact your bank
Evidence to preserve
- The chat and URL
- How you reached it
- Any details shared
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
Are brand chatbots safe to use?
Official chatbots on the brand's genuine site are generally fine, but they won't ask for your password or full card details. Reach support only via the official website or app, not ads.