DEV Community

Catching AI-Cloned Phishing Sites Before Customers Do

AI tools can clone a website pixel-for-pixel in under a minute now. One open-source tool for AI coding agents does it in a single command: drive a real browser, read the computed CSS off the rendered page, loop a visual diff until the copy matches. It passed 13,029 GitHub stars within six weeks of release. No design skill required anymore, just a target.

That's the problem I built impersona.io to solve. Once a fake is that easy to make convincing, "does this page look right" stops being a useful detection signal. You'd be checking the one thing the cloning tool is explicitly built to get right. So the detection has to start earlier, before the clone even goes live.

The Detection Pipeline

Here's the actual pipeline:

  • Generate the domain variations an attacker would realistically register (typos, homoglyphs, TLD swaps, keyword combos)
  • Resolve each one against live DNS and drop anything that doesn't exist
  • Pull WHOIS/RDAP data to see how old the registration is and who's behind it
  • Crawl the ones that are live and capture the evidence: DOM snapshot, headers, certificate chain

Every alert comes with the reasoning behind it, not just a score. A freshly-registered lookalike behind a privacy proxy, with a brand-new TLS certificate and a login form that mimics yours, is a very different signal than a ten-year-old parked domain that happens to share a word with your brand name. That contrast is most of the actual detection work.

Limitations

It's not complete. A clone hosted on a shared platform subdomain, something like brand.vercel.app, can share one certificate across thousands of other sites, so it's a harder catch. And finding a clone isn't the same as getting it taken down. That part still needs a person reviewing the evidence before anything goes to a registrar.

Free check at impersona.io/brand-check if you want to see what's already out there for your own domain. No signup needed to see the summary.

Comments

No comments yet. Start the discussion.