Vercel's AI tool v0 has been weaponized by threat actors to create fake sign-in pages that impersonate genuine sites. This trend highlights a significant evolution in phishing tactics, where simple text prompts can generate functional phishing sites quickly. Threat actors have been observed using Vercel's infrastructure to host resources like company logos, enhancing the credibility of their scams. Vercel has responded by blocking access to these phishing sites after responsible disclosure. The ease of use of tools like v0 makes it accessible for even low-skilled attackers to produce high-quality phishing pages rapidly.
"The observed activity confirms that today's threat actors are actively experimenting with and weaponizing leading GenAI tools to streamline and enhance their phishing capabilities."
"This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text prompts."
Collection
[
|
...
]