Latest research reveals how AI tools, search engine manipulation, and phishing-as-a-service platforms are accelerating cybercrime and eroding consumer trust at scale

SALT LAKE CITY and LONDON, Aug. 5, 2025 /PRNewswire/ -- Netcraft, the global leader in brand protection and threat disruption, has uncovered new trends for emerging threats in the first half of 2025, providing a clear indication of what's to be expected in the coming months. The findings reveal a sharp escalation in large-scale impersonation attacks targeting consumer trust and brand integrity, underscoring the risks that AI tools introduce.

Among the key findings and trends:

• LLMs are falling for phishing: AI hallucinations and model manipulation are driving referral traffic to phishing sites. In fact, Netcraft researchers found that of 131 hostnames provided in response to natural language queries for 50 brands, 34% of them weren't controlled by the brands at all. This is problematic because when an AI model hallucinates a phishing link or recommends a scam site, the fraudulent site is presented as a verified source, providing the user confidence and increasing the likelihood they click through.
  
  
• Weaponization of search engines: Threat actors are "poisoning" search results with convincing lookalike sites and leveraging SEO tactics to evade traditional brand protection tools. Netcraft researchers uncovered an organized SEO poisoning operation using a platform called Hacklink, a marketplace that enables cyber criminals to purchase access to thousands of compromised websites and inject malicious code designed to manipulate search engine algorithms.
  
  
• Quishing is surging: Quishing attacks use QR codes to drive victims to malicious phishing links. Netcraft researchers have seen an uptick in these tactics, in large part because they can catch people off guard to successfully steal private and personal information. If a company uses QR codes or its customers interact with the brand online, there's potential for serious abuse by attackers to spoof your brand.
  
  
• Toll text scams are on the rise: During a two-week period this summer, Netcraft researchers discovered URLs targeting some states growing by more than 200%, with DMV scams increasing across the U.S. DMV and toll text scams, in which bad actors target drivers with fraudulent messages urging them to click a malicious link to pay an unpaid balance, are on the rise. That's largely because this approach, smishing, is a relatively cheap and easy method cyber criminals can use to carry out attacks.
  
  
• Scalable impersonation-as-a-service: New tools are emerging that enable rapid-fire brand spoofing at an unprecedented volume and efficiency. These tools can clone and deploy a copy of a company's website and steal credentials as they're entered. Netcraft researchers have discovered threat actors using such services to create new phishing sites in just minutes.

Ryan Woodley, CEO, Netcraft, said: "Attackers never stop innovating, as our latest research illustrates, so defenders can't stop, either. To properly defend against the attacks outlined here, security teams need current threat intelligence and automation capabilities that extend beyond the corporate perimeter. Netcraft's detection and threat analysis is a force multiplier, combining rules-based processing and pattern recognition with AI to achieve optimal outcome."

About Netcraft
Netcraft, global leader in brand protection and threat disruption, is a trusted partner for six of the 10 most valuable companies in the world, 16 of the 50 largest banks, and many of the world's leading governments. We combine 20+ years of experience with cutting-edge automation, deep integrations across internet infrastructure, and threat intelligence that scales. We take down nearly one-third of the world's phishing sites and block 225+ million malicious sites and counting. With a deep and broad network across the internet infrastructure community, Netcraft delivers real-time detection and rapid takedowns to protect your customers, brand, and business.
For more information, visit www.netcraft.com.

Media Contact:
Corey Eldridge
Force4 Technology Communications
corey@force4.co

View original content to download multimedia:https://www.prnewswire.com/news-releases/ai-powered-phishing-quishing-and-scalable-spoofing-netcraft-uncovers-emerging-cyber-threats-in-2025-302521274.html

SOURCE Netcraft