cd /news/artificial-intelligence/catching-ai-cloned-phishing-sites-be… · home topics artificial-intelligence article
[ARTICLE · art-55994] src=dev.to ↗ pub= topic=artificial-intelligence verified=true sentiment=· neutral

Catching AI-Cloned Phishing Sites Before Customers Do

A developer built impersona.io to detect AI-cloned phishing sites before they go live. The tool generates domain variations an attacker would register, checks DNS and WHOIS data, and crawls live sites for evidence. It addresses the challenge of AI tools that can clone websites pixel-perfectly in under a minute.

read2 min views1 publishedJul 12, 2026

AI tools can clone a website pixel-for-pixel in under a minute now. One open-source tool for AI coding agents does it in a single command: drive a real browser, read the computed CSS off the rendered page, loop a visual diff until the copy matches. It passed 13,029 GitHub stars within six weeks of release. No design skill required anymore, just a target.

That's the problem I built impersona.io to solve. Once a fake is that easy to make convincing, "does this page look right" stops being a useful detection signal. You'd be checking the one thing the cloning tool is explicitly built to get right.

So the detection has to start earlier, before the clone even goes live. Here's the actual pipeline: generate the domain variations an attacker would realistically register (typos, homoglyphs, TLD swaps, keyword combos), resolve each one against live DNS and drop anything that doesn't exist, pull WHOIS/RDAP data to see how old the registration is and who's behind it, then crawl the ones that are live and capture the evidence: DOM snapshot, headers, certificate chain. Every alert comes with the reasoning behind it, not just a score.

A freshly-registered lookalike behind a privacy proxy, with a brand-new TLS certificate and a login form that mimics yours, is a very different signal than a ten-year-old parked domain that happens to share a word with your brand name. That contrast is most of the actual detection work.

It's not complete. A clone hosted on a shared platform subdomain, something like brand.vercel.app

, can share one certificate across thousands of other sites, so it's a harder catch. And finding a clone isn't the same as getting it taken down. That part still needs a person reviewing the evidence before anything goes to a registrar.

Free check at impersona.io/brand-check if you want to see what's already out there for your own domain. No signup needed to see the summary.

── more in #artificial-intelligence 4 stories · sorted by recency
── more on @impersona.io 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/catching-ai-cloned-p…] indexed:0 read:2min 2026-07-12 ·