Sunrise:
Sunset:
°C
Follow Us

Phantom squatting: the new AI trap that steals your passwords without you noticing

Hackers figured out how to leverage AI hallucinations to steal credentials. We explain what phantom squatting is and how to protect yourself.

Phantom squatting the new AI trap that steals your passwords without you noticing
Time to Read 3 Min

If you think you already know all the tricks of cybercriminals, get ready because they have just released a new one. It's called phantom squatting and it exploits a weakness that almost no one associates with a real risk, which is the hallucinations of language models. According to Microsoft, more than 57% of organizations already identify attacks where artificial intelligence plays a direct role, so this is not science fiction but a threat from this year.

What is phantom squatting?

When you ask a chatbot for a specific link, such as a brand's support portal or a software download page, the model does not verify in real time whether that address exists. It simply predicts what that URL should look like based on patterns learned during its training, and often generates a perfectly structured address that points to a domain that was never registered.

Phantom squatting joins variants that already existed, such as typosquatting (typographical errors), combosquatting (adding words to the brand name) or homograph attacks, which use characters from other alphabets almost identical to the Latin ones. The key difference is that this attack does not depend on the user making a mistake when typing, but rather on the AI ​​itself making the mistake first.

How the attack works step by step

The process has a simple logic to execute and that is why it is becoming so popular among criminals.

The most worrying thing is that these domains are completely new, so traditional antivirus tools have no chance of detecting them in time.

Cybersecurity in the era of artificial intelligence

The appearance of phantom squatting is just a symptom of something much bigger, and that is that classic cybersecurity based on signatures and blacklists is no longer enough to stop threats generated by AI. PwC's global report on threat dynamics for 2026 confirms the trend and warns that attackers no longer need to “break down the door,” because they enter using stolen credentials and move within systems as legitimate users.

Generative models enabled something that was previously unthinkable, which is to manufacture thousands of unique and psychologically personalized phishing emails in seconds, constantly changing their structure to evade any pattern-based filters. Added to this is the advance in voice cloning and video deepfakes, which have already allowed million-dollar scams where criminals impersonated entire executives during corporate video calls.

AI as a defensive ally

The good news is that artificial intelligence has also become the most important defensive ally that exists today. Microsoft insists that the path involves applying the same principles as always, such as identity management and constant verification, but now also extended to the AI ​​agents themselves, which must be treated as digital identities subject to governance. Multi-factor authentication remains one of the most effective defenses, capable of preventing up to 99.9% of attacks according to Microsoft data.

In the end, we are seeing an arms race where both attackers and defenders use the same technology, just with opposite objectives. The practical lesson is clear: never blindly trust a link just because a chatbot recommended it, no matter how convincing the answer seems.

This news has been tken from authentic news syndicates and agencies and only the wordings has been changed keeping the menaing intact. We have not done personal research yet and do not guarantee the complete genuinity and request you to verify from other sources too.

Also Read This:




Share This:


About | Terms of use | Privacy Policy | Cookie Policy