More threat actors have been abusing artificial intelligence platforms Vercel, Lovable, and Netlify for fake CAPTCHA page creation and hosting in phishing campaigns since earlier this year, according to Infosecurity Magazine.After exploiting vibe coding to create a bogus CAPTCHA or phishing page on Lovable or producing a stream of counterfeit pages via AI coding assistants integrated via Vercel or Netlify, attackers have been distributing malicious emails luring victims to take immediate action by clicking embedded URLs that redirect to the phony CAPTCHA and the phishing page, enabling sensitive data compromise, a report from Trend Micro revealed."The rise of fake CAPTCHA phishing highlights how attackers are weaponizing AI-powered website creation platforms. While these services drive innovation for legitimate developers, they can also provide cybercriminals with the tools to launch phishing attacks at scale, quickly and at minimal cost," said Trend Micro researchers, who recommended the adoption of redirect chain-analyzing defenses and improved employee education to better counter such a threat.
You can skip this ad in 5 seconds