Threat Actors Use Vercel v0 AI Tool to Create Phishing Sites

AI Tools Empower Scalable Phishing Campaigns with Realistic Fake Sign-In Pages

  • Attackers are using Vercel’s v0 AI tool to create convincing fake sign-in pages for phishing attacks.
  • Threat actors can generate functional phishing sites quickly using simple text prompts, lowering the skill needed to launch attacks.
  • Vercel has blocked access to phishing pages after receiving responsible disclosure from security researchers.
  • Cybercriminals are also using uncensored large language models (LLMs) like WhiteRabbitNeo to assist in malicious operations.
  • The trend highlights a shift toward AI-driven phishing campaigns, making scams more scalable and automated.

Unknown threat actors have been detected using Vercel’s v0 AI-powered development tool to generate realistic fake login pages for phishing attacks, according to security research released on July 2, 2025. The incidents involve attackers creating websites that closely mimic real sign-in portals in order to steal login credentials.

- Advertisement -

Researchers from Okta Threat Intelligence reported that these attackers use v0 to quickly produce deceptive websites by entering basic text prompts, eliminating the need for coding skills or complex setup. This approach lets even inexperienced actors launch phishing sites at scale and with speed.

Okta observed that some phishing attempts used brands, including an unnamed Okta customer, and hosted company logos directly on Vercel infrastructure. After receiving reports, Vercel acted to restrict access to the identified phishing resources. According to Okta’s researchers, “This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text prompts.” The use of v0.dev and open-source clones allows fast, large-scale creation of deceptive pages.

Cybersecurity analysts note that this type of AI-driven phishing differs from traditional “phishing kit” methods, which previously required greater technical expertise or time investment. “The observed activity confirms that today’s threat actors are actively experimenting with and weaponizing leading GenAI tools to streamline and enhance their phishing capabilities,” Okta’s researchers stated.

The increase in AI-enabled cybercrime is also seen in how criminals use uncensored large language models (LLMs). One model, called WhiteRabbitNeo, is marketed as an “Uncensored AI model for (Dev) SecOps teams,” but researchers say it is being deployed for illicit purposes. Cisco Talos researcher Jaeson Schultz said, “Cybercriminals are increasingly gravitating towards uncensored LLMs, cybercriminal-designed LLMs, and jailbreaking legitimate LLMs.” Schultz added that these models operate without safety constraints, making them well-suited for cybercriminal use.

Recent trends show that phishing now involves AI-generated fake emails, voice clones, and deepfake videos, allowing cybercriminals to automate and expand their operations. As these tools lower technical barriers, the number and sophistication of phishing attacks continue to grow.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest News

Prosecutors Weigh Charges Against Dragonfly Over Tornado Cash Ties

U.S. prosecutors are considering charges against Dragonfly Capital over its investment in Tornado Cash’s...

Prosecutors Weigh Charges Against Dragonfly Capital Over Tornado Cash

Prosecutors in New York said they may file criminal charges against employees at Dragonfly...

US, UK Employees Risk Data Leaks Using Chinese GenAI Tools, Study Finds

Employee use of Chinese generative AI tools in the US and UK is widespread...

Chris Larsen Sells $175M XRP, Sparks Centralization Concerns

Chris Larsen, Ripple's co-founder, transferred $175 million in XRP during a recent price rally,...

GENIUS Act Spurs Debate Over Stablecoin Redemption and Run Risks

The U.S. GENIUS Act on stablecoins has raised concerns about the safety and redemption...

Must Read

6 Best VPN Providers That Accept Monero

Privacy and anonymity are probably the most important things that we should all consider in today's internet era. Although there are a lot of...