• Cybercriminals use AI website builders like Vercel to clone trusted brands in minutes. • Cheap, fast domain registration lets attackers register plausible brand‑lookalike names with minimal vetting. • AI tools replicate layouts, colors, and branding, adding fake product pages and sign‑up flows. • Holiday season saw 18,000 themed domains, 750 confirmed malicious, and 19,000 brand‑impersonating sites. • These fake sites harvest credentials, steal payments, and deliver malware disguised as order trackers. • Attackers boost visibility through SEO, social media, and spam to lure unsuspecting users.
Article Summaries:
- Cybercriminals are exploiting AI‑powered website builders, such as Vercel, to clone well‑known brands without any design or coding expertise. By registering inexpensive, plausible domain names and using AI to replicate a site’s layout, color scheme, and branding, attackers can quickly deploy fake storefronts or phishing pages. Recent data shows that in the three months leading up to the 2025 holiday season, over 18,000 holiday‑themed domains were registered, with 750 confirmed malicious, and about 19,000 domains aimed at impersonating major retailers, nearly 3,000 already hosting phishing or fraud content. A notable example is installmalwarebytes.org, a Vercel‑generated clone of Malwarebytes that lures users via comment spam and SEO poisoning. These sites harvest credentials, facilitate payment fraud, and deliver malware disguised as legitimate updates.
Sources: