Cybersecurity experts are raising the alarm about a troubling new trend: AI spear phishing. Hackers are now leveraging powerful generative AI tools like Vercel’s v0.dev to create phishing websites that mimic real login pages for companies like Microsoft 365, Okta, and even crypto exchanges.
These sites are so realistic that even trained users may struggle to tell the difference.
AI Spear Phishing attacks with v0.dev
Vercel’s v0.dev tool allows users to create sleek, responsive web interfaces simply by typing natural language commands like:
“Build me a Microsoft login page with corporate branding.”
According to ZDNet, hackers are inputting prompts that generate pixel-perfect clones of real company portals, including logos, brand colors, and form fields. Even worse, these fake sites are often hosted on Vercel’s legitimate infrastructure, which makes their URLs and SSL certificates appear trustworthy.
“With AI tools like v0.dev, phishing sites can now look pixel-perfect,” researchers at Okta warned. “There are no obvious red flags for users.”
