EN
Most people trust a recommendation from ChatGPT more than a random ad on social media. Scammers know this, and they're now manipulating AI search results to push fake shopping websites directly into chatbot answers. The result? You could be one click away from handing your credit card details to criminals while believing an AI has already done the safety checks for you.
In a Nutshell
You open ChatGPT, type "where to buy Russell & Bromley bags," and click the top link the AI suggests. The site looks real, the prices are incredible, and a smart assistant vetted the source for you. But what if the AI has already been compromised? You land on a cloned website built entirely to steal your credit card details — and the AI sent you there.
This threat has a name: AI data poisoning. It is one of the fastest-growing vectors in online fraud, and it exploits the very trust that makes AI assistants feel so useful.
Did an AI recommend a shopping link? Check it before you click.
The technique is called data poisoning. Scammers build thousands of fake online stores and manipulate search engine optimisation (SEO) tactics to force those sites into the data pools that AI models scrape for answers. When you ask Microsoft Copilot, Google Gemini, or ChatGPT for shopping recommendations, the model retrieves these poisoned results and presents them as trustworthy sources.
You lower your guard because the recommendation came from a machine, not a shady social media ad. Criminals do not need to hack your computer to steal your money — they just trick the AI into opening the door for them.
"An AI ranking only means the system found the website relevant to your prompt, not that the business is legitimate or safe."
Timing determines exactly how well this exploit works. In January 2026, the beloved British footwear brand Russell & Bromley entered administration. The moment the official website went offline, scammers flooded the web with exact replicas.
Because no real site exists to outrank the fakes, AI models pull the fraudulent URLs straight to the top of their answers. Research confirmed scammers successfully targeted at least two major brands this way: Russell & Bromley and the homeware retailer Dunelm. The playbook is simple: wait for a trusted brand to collapse, clone its look, and let the AI do the rest.
This pattern will repeat every time a well-known retailer closes. Shoppers searching for liquidation stock or remaining inventory are especially vulnerable because they are actively expecting a sale.
Once you click the AI-generated link, the trap closes. These cloned sites advertise "80% off" clearance sales to rush you through checkout before you spot the red flags. The artificial urgency — countdown timers, "only 3 left" warnings, limited-time banners — is designed to override your instinct to pause and verify.
If you complete the purchase, you lose more than the cost of phantom shoes. Criminals harvest your credit card numbers, home address, and phone number to commit broader identity theft or sell your profile on dark web forums.
Before entering any payment details on an AI-recommended retail site, run through this checklist:
OpenAI and other AI developers are playing catch-up with these shopping scams. When researchers flag malicious links, companies manually remove the known scam URLs from their systems and provide reporting forms for users who spot dangerous links in their chat logs.
But manual takedowns are slow, and scammers register new domains within minutes of an old one being blocked. The structural problem — that AI models treat search ranking as a proxy for trustworthiness — has not been solved. Until it is, the responsibility falls on you as the user.
You cannot rely on a chatbot to vet your online purchases. Here is what to do every time an AI hands you a retail URL:
~UK: Action Fraud
~US: FTC ReportFraud
~EU: Europol Cybercrime Reporting
An AI recommendation does not guarantee a safe transaction — it only proves a scammer knew how to game the algorithm.
Frequently Asked Questions
How do scammers get their links into ChatGPT?
Criminals manipulate search engine optimisation tactics to push their fake websites into the data pools that AI models scrape for answers. Because AI relies on web-wide indexing, any site with sufficient fake authority can surface in AI-generated recommendations.
Why are AI shopping scams targeting brands like Russell & Bromley?
Scammers target recently closed companies because there is no official website left to outrank their cloned pages. The moment a brand's real domain goes dark, fake replicas move to the top of AI search results.
Can I get my money back if I bought from an AI-recommended fake site?
Contact your bank immediately and file a chargeback dispute. The AI company will not refund you. Act as fast as possible — the sooner you report it, the higher the chance of a successful reversal. Report to the FTC or Action Fraud in parallel.
Does a high AI ranking mean a website is trustworthy?
No. A high AI ranking only means the system found the website relevant to your search prompt. It is not an endorsement of legitimacy or safety. Always verify independently using ScamAdviser before transacting.
Adam Collins is a cybersecurity researcher at ScamAdviser who operates under a pseudonym for privacy and security. With over four years on the digital frontlines, he specialises in translating complex threats into actionable advice. His mission: exposing red flags so you can navigate the web with confidence.
This article first appeared in The Guardian
