
Phantom squatting phishing campaign exploits AI‑hallucinated domains

Incident (status: open), Jul 1, 2026 to Jul 1, 2026

Phantom squatting phishing campaigns that abuse AI-hallucinated domains have been observed in the wild since early July 2026, according to analysis by The Hacker News. The attacks use fabricated web addresses that mimic legitimate brands to trick users into revealing credentials.

Researchers at Unit 42 explain that large language models frequently hallucinate domain names for genuine companies, and threat actors register these fabricated addresses to host credential-harvesting pages. No CVE has been assigned to this tactic because it relies on social engineering rather than a software vulnerability. The technique exploits the model's tendency to invent plausible-sounding names that nobody has registered, which leaves them free for an attacker to claim.

The Unit 42 study identified more than 250,000 such hallucinated domains, with attackers registering them as much as 51 days after the name first appeared in model output. That lag is the defender's window to register or block the name before the malicious site goes live. The observed attack chain follows four stages: discover, act, lure and bypass.

No specific threat actor has been attributed to the activity, and the newly registered domains evade traditional reputation filters because they have no prior malicious history. The campaign highlights how AI‑generated content can be weaponised outside of traditional software exploits.

Defenders should continuously monitor the output of widely used AI models for hallucinated variants of their brand names, feed those strings into domain-registration watch services (and into certificate transparency log monitoring, since an attacker who owns the registered domain will usually obtain a valid certificate for it) and block any matching registrations at the DNS resolver level. Strict TLS verification on its own does not help here: the phishing domain is legitimately registered to the attacker, so its certificate validates. Regular user training that highlights subtle URL mismatches still matters, as does keeping an inventory of owned domains and monitoring for look-alike registrations, which reduces the attack surface and makes the watchlist easier to triage.
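The watch-and-block loop described above, written out as an added example rather than anything from the Unit 42 report or The Hacker News: it pulls hostnames out of constructed model answers, keeps those that resemble a protected brand but are not in the owned-domain inventory, emits an Unbound resolver block list for them, and checks a constructed newly-registered-domain feed against the watchlist to report the hallucination-to-registration lag in days. The brand, the owned domains, the model answers and the feed entries are all made up for the example, and the suffix handling is a deliberate simplification of the Public Suffix List.

```python
"""Phantom-squat watchlist builder (added example; not Unit 42's tooling)."""
import re
from datetime import date

# --- constructed inputs (not real brands, answers or feed data) -------------
BRANDS = {"examplebank"}
OWNED = {"examplebank.com", "examplebank.co.uk", "login.examplebank.com"}

# What an assistant answered when asked for the bank's login/support URLs,
# keyed by the date the answer was captured.
MODEL_OUTPUTS = {
    date(2026, 5, 1): "Go to https://login.examplebank.com/ or https://examplebank-secure.com/login",
    date(2026, 5, 3): "Support lives at examplebank-support.net and www.examplebank.com",
    date(2026, 5, 9): "Try http://exmaplebank.com/reset (the official reset page)",
}

# A constructed newly-registered-domain (NRD) feed: (registration date, domain).
NRD_FEED = [
    (date(2026, 6, 20), "examplebank-secure.com"),
    (date(2026, 6, 23), "unrelated-shop.org"),
    (date(2026, 6, 29), "exmaplebank.com"),
]

HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}  # stand-in for the Public Suffix List


def registrable(host):
    """Registrable domain (eTLD+1) under the simplified suffix list above."""
    labels = host.lower().strip(".").split(".")
    n = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-n:])


def edit_distance(a, b):
    """Plain Levenshtein distance (insert/delete/substitute cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_owned(host):
    """True if host is one of ours or sits under one of our domains."""
    h = host.lower()
    return any(h == o or h.endswith("." + o) for o in OWNED)


def resembles_brand(host):
    """Second-level label contains a brand or is within two edits of it."""
    sld = registrable(host).split(".")[0]
    return any(b in sld or edit_distance(sld, b) <= 2 for b in BRANDS)


def extract_hosts(text):
    """Lower-cased hostnames found in free text (URLs or bare names)."""
    return {m.group(1).lower() for m in HOST_RE.finditer(text)}


def build_watchlist(outputs):
    """Map each brand-like, non-owned registrable domain to its first-seen date."""
    watch = {}
    for seen, text in sorted(outputs.items()):
        for host in extract_hosts(text):
            if is_owned(host) or not resembles_brand(host):
                continue
            watch.setdefault(registrable(host), seen)
    return watch


def unbound_block_zone(watch):
    """Unbound local-zone lines that NXDOMAIN each watched name and its subdomains."""
    return "\n".join(f'local-zone: "{d}." always_nxdomain' for d in sorted(watch))


def check_registrations(watch, feed):
    """(domain, days between first model sighting and registration) for feed hits."""
    return [(dom, (registered - watch[dom]).days)
            for registered, dom in feed if dom in watch]


if __name__ == "__main__":
    wl = build_watchlist(MODEL_OUTPUTS)
    print(unbound_block_zone(wl))
    for dom, lag in check_registrations(wl, NRD_FEED):
        print(f"REGISTERED {dom} {lag} days after first hallucination")
```

The block list is meant to be dropped into an Unbound `server:` section; the same watchlist can be exported to a registrar or NRD-feed watch service and to a certificate transparency monitor. The lag reported by `check_registrations` is the metric to track against the 51-day figure from the study: if it trends towards zero, the watch-and-block cycle has to run faster.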

Restricting outbound connections to an allow-list of known services, applying the zero-trust principle to egress traffic, limits what a user who clicks the link can actually reach. Anomaly detection on DNS query logs, whether rule-based or model-driven, can surface first-ever lookups of brand-like names, and sharing observed indicators with industry ISACs further strengthens collective defence.

Intelligence briefing updated Jul 1, 2026
