Threat Actors Use Vercel v0 AI Tool to Create Phishing Sites

AI Tools Empower Scalable Phishing Campaigns with Realistic Fake Sign-In Pages

  • Attackers are using Vercel’s v0 AI tool to create convincing fake sign-in pages for phishing attacks.
  • Threat actors can generate functional phishing sites quickly using simple text prompts, lowering the skill needed to launch attacks.
  • Vercel has blocked access to phishing pages after receiving responsible disclosure from security researchers.
  • Cybercriminals are also using uncensored large language models (LLMs) like WhiteRabbitNeo to assist in malicious operations.
  • The trend highlights a shift toward AI-driven phishing campaigns, making scams more scalable and automated.

Unknown threat actors have been detected using Vercel’s v0 AI-powered development tool to generate realistic fake login pages for phishing attacks, according to security research released on July 2, 2025. The incidents involve attackers creating websites that closely mimic real sign-in portals in order to steal login credentials.

- Advertisement -

Researchers from Okta Threat Intelligence reported that these attackers use v0 to quickly produce deceptive websites by entering basic text prompts, eliminating the need for coding skills or complex setup. This approach lets even inexperienced actors launch phishing sites at scale and with speed.

Okta observed that some phishing attempts used brands, including an unnamed Okta customer, and hosted company logos directly on Vercel infrastructure. After receiving reports, Vercel acted to restrict access to the identified phishing resources. According to Okta’s researchers, “This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text prompts.” The use of v0.dev and open-source clones allows fast, large-scale creation of deceptive pages.

Cybersecurity analysts note that this type of AI-driven phishing differs from traditional “phishing kit” methods, which previously required greater technical expertise or time investment. “The observed activity confirms that today’s threat actors are actively experimenting with and weaponizing leading GenAI tools to streamline and enhance their phishing capabilities,” Okta’s researchers stated.

The increase in AI-enabled cybercrime is also seen in how criminals use uncensored large language models (LLMs). One model, called WhiteRabbitNeo, is marketed as an “Uncensored AI model for (Dev) SecOps teams,” but researchers say it is being deployed for illicit purposes. Cisco Talos researcher Jaeson Schultz said, “Cybercriminals are increasingly gravitating towards uncensored LLMs, cybercriminal-designed LLMs, and jailbreaking legitimate LLMs.” Schultz added that these models operate without safety constraints, making them well-suited for cybercriminal use.

Recent trends show that phishing now involves AI-generated fake emails, voice clones, and deepfake videos, allowing cybercriminals to automate and expand their operations. As these tools lower technical barriers, the number and sophistication of phishing attacks continue to grow.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest News

Vitalik Buterin Donated and Burned 460T Shiba Inu Tokens in 2021

Shiba Inu launched on August 1, 2020, with half its total supply sent to...

OpenAI Disavows Robinhood’s Tokenized Stock Giveaway as “Fake”

Robinhood introduced tokenized stocks tied to OpenAI and SpaceX for its European users. OpenAI stated...

Ripple Applies for US Banking License, Seeks Fed Master Account

Ripple Labs is seeking a national banking license in the United States from the...

Radix Launches Early Test for 1 Billion XRD DeFi Rewards Campaign

Radix will run a public test of its new DeFi rewards campaign from July...

Investors Pump $380M into Four Surging DeFi Protocols in June

Four emerging DeFi projects saw a combined inflow...

Must Read

6 Best VPN Providers That Accept Monero

Privacy and anonymity are probably the most important things that we should all consider in today's internet era. Although there are a lot of...