THALES SA

11/25/2025 | Press release | Archived content

Cyber attackers are using AI tools to build realistic fake websites. This is how to spot them


  • Type Insight
  • Published 25 Nov 2025
  • Last updated 02 Dec 2025

Scammers used to copy only the most popular URLs. Now, thanks to AI, they can build replicas of niche sites too. Consumers need to be very vigilant...

One of the many wonders of the artificial intelligence age is the AI website builder. Not so long ago, it took coding skills and technical nous to create a stylish and easy-to-navigate website. No longer. With new AI tools, anyone can do it.

Thanks to natural language interfaces, users just tell the website builder what they want. These products even come with built-in tools for content creation, branding and SEO optimisation. Users just focus on design, UX, copy and storytelling. AI does all the heavy lifting.

But there is a downside. It's not just creators, freelancers and small businesses that can make a website in minutes for negligible cost. Criminals can too. Indeed, website building tools have powered a fast-growing new form of fraud: the imposter website.

The scam works like this. Attackers buy an AI-powered tool on a criminal marketplace and feed in the URL of a legitimate business. The site builder scrapes the elements of the target site and clones its look and feel. The clones even show user agreements and cookie consent warnings to add to the realism.

The attackers then use phishing techniques to direct users to the fake site, where they can collect personal details using legitimate-looking fake forms. They usually embed links in a text message, email, social media or search results.

Even consumers using large language models (LLMs) like ChatGPT or Claude to find websites might be at risk. When cyber security specialist Netcraft asked LLMs to link to 131 URLs, 34 percent of the results linked to sites that were not controlled by the brands at all.

An old scam, re-booted by AI

Lookalike website hosting is not a new threat. Fraudsters have been building fake sites for years. However, the speed and sophistication of AI tools have changed the nature of the scams. Previously, because of the effort required, attackers would imitate only the sites with the biggest traffic (PayPal, Netflix etc.). However, these fakes were relatively easy to spot. And the big site owners had the resources to discover the copycat sites and take them down.

Now, fraudsters are targeting smaller businesses to conduct more targeted scams. For example, there have been accounts of attackers setting up fake sites of recently closed companies to offer discounted stock. They even create ads using images stolen from the target company to direct people to the cloned URL, make fake sales and steal personal data.

Regrettably, fake website fraud is now rampant. Netcraft identified nearly 100,000 domains created with the help of illicit AI tools, impersonating 194 different brands across 68 countries. The firm estimates these fake sites now account for six to seven percent of all phishing activity online.

Top tips to avoid the clones

Thanks to AI, fake sites look more realistic than ever before. But they are not the real thing. They are still replicas. With a bit of caution, users can defend themselves against this threat. Here are some useful techniques.

Study the domain name carefully

Scammers can't use the exact domain name of the site they are cloning. So, they use tricks to get close - using a letter O instead of a zero (0) or a lower-case l instead of a 1.

Use a fake website checker

A number of specialist sites now offer a simple search box. Google Transparency Report is a free resource that examines billions of URLs daily to find unsafe or compromised websites. Enter the URL to see if a site is malicious or legitimate.

Look out for URLs with subdomains

Fraudsters occasionally add a legitimate-looking subdomain to their URL to confuse visitors. A hypothetical example might be paypal.offer.com. This looks like a PayPal address, but the site's actual domain is offer.com.
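
The two domain checks above (swapped look-alike characters and a brand name used only as a subdomain) can be automated. The following Python sketch is an added example, not part of the original article: the brand list, the sample URLs and the function names are constructed for illustration, and taking the last two labels as the registered domain is a simplification (production code should consult the Public Suffix List).

```python
from urllib.parse import urlsplit

# Constructed allow-list of domains the user really deals with (assumption).
KNOWN_BRANDS = ("paypal.com", "netflix.com")

# The two swaps named in the article, folded to one canonical character each.
CONFUSABLES = str.maketrans({"0": "o", "1": "l"})

# Constructed sample URLs; none of them is taken from a real campaign.
SAMPLES = ("https://www.paypal.com/signin", "https://paypal.offer.com/login",
           "https://www.paypa1.com/", "netf1ix.com")


def registrable_domain(host):
    """Last two labels of the host. Simplification: suffixes such as co.uk
    need the Public Suffix List to be handled correctly."""
    return ".".join(host.split(".")[-2:])


def skeleton(label):
    """Fold look-alike characters so 'paypa1' and 'paypal' compare equal."""
    return label.lower().translate(CONFUSABLES)


def check_url(url):
    """Return a list of warnings for one URL; an empty list means no flag."""
    if "://" not in url:
        url = "//" + url  # let urlsplit parse a bare host such as example.com
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    domain = registrable_domain(host)
    if domain in KNOWN_BRANDS:
        return []  # the real domain, with or without subdomains
    warnings = []
    name = domain.split(".")[0]
    subdomains = host.split(".")[:-2]
    for brand in KNOWN_BRANDS:
        brand_name = brand.split(".")[0]
        if skeleton(name) == skeleton(brand_name):
            warnings.append(f"look-alike of {brand}: domain is {domain}")
        if any(skeleton(s) == skeleton(brand_name) for s in subdomains):
            warnings.append(f"{brand_name} is only a subdomain: domain is {domain}")
    return warnings


if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", check_url(sample) or "no flag")
```

An empty result only means that neither of these two tricks was found; it does not show that a site is genuine.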

Think before you link

Attackers use phishing scams to drive traffic - typically via bogus links in email or text. Check the address. Better still, avoid the link and manually type the address of the website you intend to visit in the browser. It is also a good idea to bookmark the official websites you use frequently.

Beware of QR codes

Never scan a QR code unless you are sure it is a trusted source.

Check the design quality

As this article makes clear, AI tools have eradicated many of the flaws in fake websites. But it is still worth checking the quality of design and copy.

Check the contact details

Bogus sites will probably not feature a physical address or 'contact us' phone number. If they do, they won't be working.

Find out the domain age

Fake websites rarely stay online for long. You can check the Whois Lookup domain tracker to see details such as the owner's organisation name, country of registration, and age of the domain. They will provide useful clues.

Copy and paste Ts and Cs

Fake websites usually copy their target URL's legal policies. If you are unsure, try copying and pasting the copy into a web browser to see if it's been lifted from elsewhere.

Beware of suspicious payment options

Fake websites might ask for unusual non-traceable payment methods - such as gift cards, bank transfers, cryptocurrencies, or payment apps. This is a red flag, and any legitimate brand will always offer traditional and safer methods.

Google for scams

If you are in any doubt, you can type the suspicious website name along with 'scam' into your web browser. It might surface reports of criminal clones.

Look for 'HTTPS' - but remember it's not a guarantee

When a URL displays "https://" and a padlock icon, it shows the presence of an encrypted connection. This can be a useful indication that it is legitimate. But, on its own, it doesn't confirm the site is genuine.

History teaches us that the war against cyber crime is never won. Attackers keep finding new tools to evade defences and modify their scams. AI website builders are the latest. Companies and consumers must be watchful at all times. With caution, they can protect themselves even from the most convincing fakes.

The scammers' favourite fakes

Here are some of the most common types of cloned web pages.

Discount online stores

Scammers mimic real e-commerce stores offering irresistible deals. They steal payment information or sell non-existent products.

Login pages

Fake login pages that fraudsters use to collect a person's username and password.

Customer support sites

Scammers pose as technical support services to secure remote access to a person's computer.

Package delivery companies

People receive so many online deliveries now that they expect to see messages from courier companies. This makes them a ripe target for scammers, who use them to gather account, address and payment credentials.

Flight booking

Scammers use fake travel websites to steal personal information (name, address, passport number, credit card) and sell fake tickets.

THALES SA published this content on November 25, 2025, and is solely responsible for the information contained herein. Distributed via Public Technologies (PUBT), unedited and unaltered, on December 04, 2025 at 12:03 UTC. If you believe the information included in the content is inaccurate or outdated and requires editing or removal, please contact us at [email protected]