#United States #Phishing #Salt Lake City #Netcraft #quishing

The Rise of AI-Powered Cyber Threats in 2025

In the first half of 2025, emerging cyber threats have captured the attention of experts in cybersecurity, particularly those at Netcraft, a leader in brand protection and threat disruption. Their recent findings underscore the alarming growth of AI-based phishing attacks, quishing techniques, and scalable spoofing tools that threaten consumer trust and brand integrity across various industries.

Key Findings

The research reveals several troubling trends that have emerged as key facets of cybercrime.

Phishing AI Hallucinations

Netcraft's investigation highlighted that large language models (LLMs), which are often leveraged for numerous applications, are susceptible to “hallucinations.” This refers to the model generating misleading or incorrect outputs, such as unverified brand URLs. It was found that of 131 hostnames returned from queries about 50 well-known brands, a staggering 34% were not controlled by the brands themselves. When these models mistakenly present fraudulent sites as legitimate sources, users may inadvertently click through, compromising their personal information.

Search Engine Manipulation

Additionally, threat actors have begun “poisoning” search results, effectively using tactics that capitalize on existing SEO methodologies. Netcraft researchers uncovered a sophisticated operation involving SEO poisoning via a platform named Hacklink, where cybercriminals purchase access to thousands of compromised websites. This manipulation is intended to elevate malicious sites in search engine rankings, evading traditional brand protection measures and misleading consumers further.

Surge in Quishing Attacks

Another alarming trend is the notable increase in quishing attacks, which utilize QR codes to redirect unsuspecting victims to phishing links. This method is particularly effective as it exploits the convenience and lack of caution associated with QR code technology. Brands that frequently use these codes risk having their identity spoofed, leading to significant data theft.

Rise of Toll Text Scams

Recent data from Netcraft indicates a sharp escalation in toll text scams. In a span of just two weeks, URLs targeting certain states surged by over 200%, with significant increases in scams associated with the Department of Motor Vehicles (DMV). These smishing tactics encourage users to click on links under the guise of unpaid toll balances, showcasing the ease with which attackers can target drivers across local jurisdictions.

Scalable Impersonation-as-a-Service

The research also sheds light on the emergence of new tools designed for impersonation-as-a-service. These platforms allow adversaries to rapidly create duplicates of corporate websites, capturing user credentials upon entry. Netcraft's findings reveal that these services are enabling rapid deployment of phishing sites, creating a substantial challenge for security teams striving to protect their brands.

Expert Insights

Ryan Woodley, CEO of Netcraft, emphasized, “Attackers never stop innovating, as our latest research illustrates, so defenders can't stop, either.” He stressed the importance of security teams having access to current threat intelligence and automation technologies that extend beyond conventional protections. Netcraft’s integrated approach combines rules-based processing with pattern recognition and AI, positioning it as a formidable resource in combating these evolving threats.

About Netcraft

Founded over two decades ago, Netcraft is committed to protecting the digital integrity of brands by providing cutting-edge threat intelligence and automated security solutions. Trusted by major corporations and governments globally, Netcraft has successfully disrupted a significant portion of online cybercrime. Their proactive measures against phishing and scams have led to the takedown of one-third of worldwide phishing sites, highlighting their role as a critical player in the fight against cyber threats.

For more insights on cybersecurity trends and to stay informed on the evolving landscape, visit Netcraft's official website.