Recently, multiple Claude AI users have issued warnings in Facebook groups and Reddit posts, stating that the credit cards linked to their Anthropic accounts are being fraudulently charged frequently. Attackers carry out large-scale purchases through the platform’s “Gift Subscriptions (Gift)” feature. Several victims from Taiwan, Canada, and the United States reported losses of more than ten thousand TWD, drawing outside attention.
Google’s malicious extension has been lurking for three years, secretly bypassing passwords and two-factor authentication
A Taiwanese victim, Mr. Hong, posted in a Facebook group for Claude Taiwan, revealing that the root cause of the incident stemmed from his downloading of software in April 2023. During that process, without knowing it, he installed a malicious Chrome extension called “Start New Tab Search.” The program belongs to the Adware.NewTab family and has been lurking for as long as three years.
This extension has permission to intercept HTTP requests, continuously stealing users’ cookies and session tokens in the background. Once the attacker obtains a valid session token, they do not need the account password or to complete two-factor authentication (2FA) at all; they can directly make purchases using the user’s account. This is also why all the measures taken by the victims afterward—pausing the card, changing passwords, enabling 2FA, and so on—failed to stop the fraud.
Four charges within three days, changing cards didn’t help—Anthropic interface flaw exposed
Mr. Hong said that in the early hours of April 16, he found his account had been automatically charged to purchase the “Gift Max 5X” plan. Even though he immediately took all standard security measures—pausing the card, changing his password, enabling two-factor authentication, logging out of all devices, revoking API Keys, and switching to a new payment method—the fraudulent charges continued occurring until April 20.
In the end, Mr. Hong was successfully charged for four transactions, with losses totaling $400. During that time, his phone continued to receive Mastercard 3D verification messages and Stripe verification codes, indicating that the attackers kept trying to charge again with the new card.
He worries that Anthropic’s billing interface does not have a “remove credit card” option—only “update payment method (Update)”—making it impossible for users to detach the card from their account.
Victims at home and abroad speak up simultaneously, and Reddit also shares card-fraud cases
Notably, another Canadian user also posted on Reddit’s r/ClaudeAI forum, saying their account was used to purchase a “Gift Max 20x” gift subscription with a credit card, resulting in losses of about 950 CAD (about $700 USD). Multiple charges were also continuously made.
He pointed out that on the consumer review site Trustpilot, multiple users from the Netherlands, the UK, and the US reported similar cases.
Anthropic customer support is essentially useless—contacting the credit card company is the fastest way for users to self-rescue
Both victims faced the same dilemma: Anthropic’s general support at support@anthropic.com could hardly provide any timely assistance. After Mr. Hong reported the issue on April 18, he later sent four more explanation emails, but within 72 hours there was still no response from any real person—only automated replies from a Fin AI Agent. The Canadian user also said the support from Fin AI was extremely poor.
At present, both have turned to their credit card companies to file a dispute chargeback (chargeback), which has become the quickest self-rescue method available to the victims right now. Mr. Hong also suggested that if you want to contact the Anthropic team, you can send emails to both usersafety@anthropic.com and disclosure@anthropic.com at the same time, which may offer a better chance of receiving a more direct response.
How to protect yourself? Three steps to immediately check your Claude account
In response to this ongoing spreading attack, victims are calling on all Claude users to immediately take the following protective measures.
First, log in to claude.ai right away, go to “Settings → Billing → Invoices,” and check whether there are any unauthorized “Gift Max” related charge records. If you find any, immediately contact the issuing bank to file a dispute chargeback—do not wait for Anthropic customer support to respond.
Next, open Chrome’s extensions management page (chrome://extensions/), carefully review all installed extensions, and remove any that you don’t recognize, that are from suspicious developers, or that you don’t remember installing yourself. These malicious programs often disguise themselves under names like “enhancing or beautifying the interface.”
Finally, submit an official support ticket to Anthropic, and at the same time email both usersafety@anthropic.com and disclosure@anthropic.com to improve your chances of getting a real person to handle it.
The victims also hope that Anthropic can quickly strengthen the platform’s protection measures, including enabling users to truly remove payment methods, adding second-factor verification for Gift transactions made in a short time window, and automatically freezing accounts after users report scams.
This article: Claude account exposed massive-scale card fraud! Taiwan and Canada victims lose over ten thousand—three steps to protect yourself immediately. First appeared on Chain News ABMedia.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Beijing Issues Ban-Removal Requirement for Trading to Be Canceled! Meta’s $2.0 Billion Acquisition of China’s AI Startup Manus Fails
The China National Development and Reform Commission officially issued an announcement today (April 27), stating that the Office of the Work Mechanism for Foreign Investment Security Reviews, “in accordance with law and regulations, has made a decision to prohibit investment in the foreign investment acquisition of the Manus project and requires the party concerned to cancel the acquisition transaction.” This is among the few cases since China’s “Administrative Measures for Foreign Investment Security Reviews” took effect in which the highest-strength measures were used to impose a “prohibition on investment” and require the cancellation of an already completed transaction.
Meta splashes $2 billion to buy the cheapest AI application
Time goes back to December 29, 2025. Meta announced the acquisition of China’s AI agent startup Manus, and the market estimated the price would fall between $2 billion and $3 billion. Manus is a general-purpose AI developed by Beijing Butterfly Effect Technology Development, and after it launched on March 6, 2025, it became the talk of the industry overnight due to an outstanding performance in the GAIA benchmark
ChainNewsAbmedia3m ago
Xizhi Technology-P IPO Shares Surge Over 360% on Gray Market, Gains Narrow to 320%
Gate News message, April 27 — Xizhi Technology-P (01879.HK), a Hong Kong-listed AI chip company, saw its shares surge over 360% on the gray market (dark market) earlier today, though gains have since narrowed to 320%.
The stock is trading ahead of its official Hong Kong IPO
GateNews15m ago
Should AI boost productivity or lower costs? A tenfold efficiency increase hasn’t turned into a tenfold revenue jump, but in Silicon Valley, nobody dares to call it off
Five Yuan Capital partner Meng Xing has recently published a Silicon Valley inspection report, proposing a judgment that has even changed his own note-taking habit: Silicon Valley is entering a stage where even people who can “ride waves” are drowned by the waves. The iteration speed of AI has shifted from “monthly” to “weekly”—even Silicon Valley itself can’t keep up with its own pace.
When AI amplifies a team’s productivity by five times, you can reduce 80% of the workforce to maintain the same output, or keep headcount and do five times the work. Meng Xing’s observations this time in Silicon Valley are essentially the first draft of the answer given on the ground: when 100x efficiency doesn’t translate into 100x revenue, when token budgets are edging toward human labor costs, and when the steam engine can’t outpace the horse carriage but no one dares to stop, Silicon Valley is choosing to “push speed up first and figure things out later.” But in the end, this path will lead to “expanding capability” or “compressing costs”—there’s currently no conclusion.
YC has gone from leading indicators to lagging indicators
Meng Xing this year
ChainNewsAbmedia1h ago
YC partners share how to use AI to build a company from scratch; startups should treat AI as an operating system rather than a tool
The impact of AI on startups is no longer limited to helping engineers write code faster, automating customer service workflows, or adding a Copilot to an existing product. Recently, YC partner Diana pointed out that the real change lies in the fact that AI is rewriting how a company should be built from scratch in the first place. For early founders, AI should not be merely an efficiency tool the company occasionally uses; it should be designed from day one as the operating system of the entire company.
The productivity perspective is outdated—AI is rewriting a company’s design starting point
Diana believes that when people in the market talk about AI today, they still too often stay within a “productivity improvement” framework—for example, engineers can write code faster, teams can automate more processes, and companies can roll out more features. But this argument actually underestimates the structural changes AI brings. She points out that the right people paired with AI…
ChainNewsAbmedia1h ago
Cursor AI agent caused an incident! One line of code cleared the company database in 9 seconds—“security checks” turned into empty talk
PocketOS founder Jer Crane said that Cursor AI agents ran maintenance on their own in a test environment, misused an API Token that adds/removes custom domains, and launched a delete command against Railway’s GraphQL API. Within 9 seconds, all data and same-region snapshots were completely destroyed, with the latest recoverable point being three months ago. The agent admitted to violating rules for irreversible operations, not reading technical documentation, not verifying environment isolation, and more. The victims were car rental industry customers; their bookings and all data disappeared, and reconciling accounts took a long time. Crane proposed five reforms: manual confirmation, fine-grained API permissions, backups separated from master data, a public SLA, and a mandatory underlying enforcement mechanism.
ChainNewsAbmedia1h ago
