Cybercriminals are constantly finding new methods to trick people into phishing and fraudulent websites aimed at stealing personal credentials and distributing malware that can harm data and systems. Browsers like Chrome, along with search engines, are working hard to scan and combat these malicious sites, but they often rely on automated systems to handle the vast number of threats.
Recently, there’s been a rise in the use of AI-powered cloaking software by hackers. This technology can evade scanners by showing them harmless pages while presenting harmful content only to actual users. This advanced cloaking tactic significantly boosts the survival odds of phishing and malware sites, making it tougher for traditional detection methods to keep you safe.
AI-driven web cloaking tricks you into it here
Research from SlashNext reveals that cybercriminals have adopted a new strategy that allows them to remain almost undetectable to security systems aiming to shut down fraudulent websites. This method, known as web cloaking, uses artificial intelligence to conceal phishing pages and malware distribution sites from automated scanners, only exposing them to human victims.
Platforms like Hoax Tech and JS Click Cloaker are key players in this trend. They market themselves as tools for traffic filtering aimed at digital marketers but are also exploited to protect criminal operations. By utilizing advanced fingerprinting and machine learning, these services dictate what each visitor can see.
How Cloaking Tools Outsmart Detection Systems
Hoax Tech builds a digital fingerprint for every visitor by analyzing numerous data points, including browser configurations and geographical locations. Their AI engine, named Matchex, compares this information against a database of known crawlers. If it identifies a suspicious visitor, it redirects them to a benign site. Conversely, genuine visitors are shown the harmful content.
JS Click Cloaker operates similarly, claiming to assess over 900 parameters with each visit. It scans for unusual behavior and uses historical data to decide whether the actual page should be accessible, incorporating features like traffic splitting.
Both platforms utilize a “white pages” and “black pages” system. This shows security scanners a white page that seems harmless while delivering malicious content to human visitors. Such selective targeting extends the lifespan of phishing campaigns and fraudulent sites.
Six ways to stay safe from scam sites
With cybercriminals utilizing sophisticated cloaking tools to remain hidden, identifying malicious websites is becoming increasingly challenging. Nevertheless, you can take steps to protect yourself.
1. Stick to reliable sources: Avoid clicking on links from unknown senders. If you’re uncertain, type the URL directly.
2. Use powerful antivirus software: This can evaluate suspicious links before you open them.
3. Choose a security-focused browser: Browsers like Firefox can provide built-in protection against risky content.
4. Keep your software updated: Regular updates ensure you’re using the latest security features.
5. Check the login page: If a site unexpectedly asks for your credentials, verify the URL carefully, as cloaked phishing pages can look remarkably similar to legitimate ones.
6. Enable two-factor authentication (2FA): This adds an extra layer of security, requiring additional verification even if your login details are compromised.
Important points to consider
AI-driven cloaking techniques complicate the identification and removal of malicious sites. This growing market leverages aggressive services that are inexpensive and scalable. For cybercriminals, cloaking has evolved from a fringe strategy to an integral part of their operations. Although you may not realize it yet, these tools are fundamentally changing how digital scams are executed.
Do you believe your browser and search engines are sufficiently equipped to guard against these advanced scams? Feel free to share your thoughts.
