Unknown cybercriminals have begun actively using the Vercel v0 generative tool to create believable phishing pages from text-only prompts. This demonstrates a new era in the use of AI for scalable attacks without the need for programming skills.
According to analysts at Okta Threat Intelligence, attackers are able to create functional fake login pages for well-known brands. In most cases, they do not just copy the design, but also place logos and other elements on the Vercel hosting itself – thereby increasing the credibility of the fake pages and avoiding detection.
The v0.dev platform allows anyone to create a site using only a text description. This means that even inexperienced attackers can generate phishing sites in a matter of minutes. With open repositories on GitHub cloning v0, this trend is only intensifying.
This case is part of a broader trend where LLMs (large language models) are being used for social engineering. Uncensored LLMs, such as WhiteRabbitNeo, are spreading in hacking circles, designed specifically for malicious purposes: writing malicious code, fake emails, deepfake videos, and other deception methods.
Cisco Talos notes that attackers are increasingly turning to such models because they have no restrictions – unlike secure commercial versions. This allows them to generate more dangerous and complex content.
The massive use of AI for phishing is not the future, but the present. Vercel v0, as an example, allows you to instantly create deception networks that are difficult to combat with traditional methods. Organizations need to reconsider their approaches to protection, implement monitoring of generative content, and train users to recognize new types of attacks. The next wave of phishing will not only be massive – it will be incredibly convincing.
17 
29 
19 