‘Phantom Squatting’ Emerge as AI-Generated Domain Risk for Brands
Security researchers are warning about a new supply chain concern they describe as phantom squatting, a tactic that takes advantage of large language models’ tendency to invent web domains for real co...
Security researchers are warning about a new supply chain concern they describe as phantom squatting, a tactic that takes advantage of large language models’ tendency to invent web domains for real companies. When users ask an AI assistant for a brand’s website, support page, or partner portal, the model may confidently produce a domain name that looks plausible but does not actually belong to the organization.
That behavior can create an opening for attackers. If a fabricated domain is registered before the mistake is discovered, it may be used for phishing, credential theft, malware delivery, or other impersonation schemes. Because the address comes from an AI-generated recommendation rather than an obvious typo, the false domain can appear more credible than traditional lookalike sites built through simple misspellings.
Analysts say the risk is especially relevant for companies with many products, regional sites, or recently launched services, since those are areas where AI systems are more likely to guess incorrectly. The concern is not that LLMs are directly compromising infrastructure, but that their confident-sounding errors can be weaponized by someone willing to register the invented domain and build a malicious site around it.
Why the issue matters
- AI assistants may present invented domains as if they were official.
- Attackers can register those unused names and impersonate a brand.
- Users may trust the result because it appears to come from a knowledgeable system.
- The tactic can be difficult to spot with standard phishing filters and manual review.
Experts advise organizations to monitor for suspicious registrations that resemble AI-generated references to their brands, and to provide users with verified links through official channels. For the public, the safest approach is to confirm web addresses independently rather than relying on an AI-generated domain suggestion.
