Hi all! There’s a problem.
A chat bot is connected to my site via API.
I haven’t generated any traffic yet, so the traffic is almost zero. In one day, abnormal activity appeared and all funds from the account were spent (about $8).
The next day, I compared the site traffic with the usage traffic in OpenAI itself. The data does not match at all in terms of the time of entry to the site or the number of requests. For example, 4 people visited the site, and the OpenAI interface displayed many more requests.
I deposited $10 into my account and to my surprise it turned out to be only $6.3
And a minute later it’s $6.26, then $6.25, and so on. I deleted the old APIs and applied new ones, but it didn’t help. Then I couldn’t think of anything better than Cancel my plan. The account has been reset, the API has been updated. But the activity still continues.
Does anyone understand what is happening, how to solve it? Please help.
Hi and welcome to the Developer Forum!
Firstly, you should read this OpenAI help site entry
https://help.openai.com/en/articles/7242626-how-can-i-report-fraud-or-suspicious-activity
Please check your PC for viruses and malware, also check that you do not have any remote access software installed.
Have you at any point used your key with a 3rd party “bring your own key” service?
Have you built any application which is available for download publicly? If so, does that application have your API key within it?
A chat bot is connected to my site via API.
Who created the chatbot? How is it linked?
Thanks for your answer.
I used AI Engine plugin for WordPress, and there the API is full open to read, unlike OpenAI. Maybe this is the reason.
Several people worked on the site, but after they finished, I changed the passwords to the WordPress account and changed the API.
Hello.
Depends on where you measure the traffic of your site, it could be different than open ai. For example if you just measure what the user input in your chat box and you wrap the user input in some e instruction, the tokens used will depend on the question submitted to open ai not the traffic coming to your site. “Including instructions and all”
Second how is the information submitted to open ai. If there is a search that have to be done you are paying for the search and the answer. Similar to embeddings case you pay for embeddings then when you use them you pay for the answer.