Generative AI is Helping Hackers Create Phishing Sites Under 30 Seconds

Generative AI is no longer simply making it easier for developers to make things faster, it's also making it easier for hackers to bluff people. It has been found that the popular technology is being misused by hackers to create instant phishing websites. 

Identity management company Okta has warned that hackers are using Vercel's AI tool, v0, to instantly make phony login pages for phishing assaults. The news was first covered by Axios. 

How is this different from other phishing techniques

Most phishing efforts up till now have used AI to write emails or messages.  This is not the same.  Threat actors are using generative AI to build the whole phishing site, including the backend infrastructure, merely by typing in commands like "make a copy of login.okta.com." 

Okta's researchers discovered that hackers set quite a lot of phishing pages on Vercel's network. Some went after Okta customers. Some copied Microsoft 365 and even crypto services. 

The scariest part of this entire story is that the entire process is done by hackers in less than 30 seconds. Yes, that’s how fast they are creating these phony traps for you to fall into. 

Vercel in response to these malpractices has removed the phishing sites that were reported and is now working with Okta to make it easier for users to report abuse on the v0 platform.  Okta states that there is no evidence yet that any credentials were obtained from these bogus sites.  But while they were looking into it, their team saw a lot of new phishing domains appear, which is a clear sign that hackers are still trying out this method. 

Earlier phishing sites used to be sloppy, with lousy design, dodgy URLs, and broken logos.  Not any more.  These artificial websites made by AI are sleek, polished, and hard to tell different from the actual thing.  Okta recommends to get rid of passwords- something that most of the leading tech companies have been advocating for some time. It is now advisable to switch to passwordless technology like passkeys and biometrics to safeguard yourself online. 

Read More: Poco F7 Review: All Speed, No Nonsense - But Is That Enough?