Cybercriminals Using Artificial Intelligence to Create Phishing Strategies: VibeScamming

VibeScamming derives inspiration from a software development approach that does not require coding, called vibe-coding.

As it concerns cybercriminals, this implies that crafting a phishing scheme calls for little more than an idea and access to a readily available artificial intelligence chatbot.

Guardio’s cybersecurity researchers have pinpointed this phenomenon as a major threat, in which generative artificial intelligence can now design counterfeit Microsoft login pages to carry out SMS phishing activities without having to write a line of code.

To understand the real-world dangers, Guardio designed the VibeScamming Standard v1.0. This is a technical decision-tree–based framework that mimics phishing activity.

The standard examines top AI platforms’ defense techniques against misuse by taking on the persona of an inexperienced scammer and testing each model with prompts developed to elicit assistance in building scam activities.

Throughout every phase of development—from early conceptualization to advanced refinement—researchers assess whether AI systems can be coerced into bypassing safeguards to produce harmful outputs. These include tools for building scam websites, methods for evading detection, and workflows designed to harvest user credentials.

Benchmark Testing Reveals Security Gaps Across Top AI Models

A comprehensive evaluation was conducted on three prominent AI platforms: OpenAI’s ChatGPT, Anthropic’s Claude, and the newer web-based application builder, Lovable. The findings revealed significant differences in both ethical controls and vulnerability to exploitation.

ChatGPT demonstrated strong defensive behavior, consistently rejecting harmful requests and limiting responses to high-level, non-operational information.

Claude showed more variability. While it initially resisted malicious instructions, it often became more permissive when prompts were framed around “ethical hacking,” ultimately generating detailed scripts and techniques intended to bypass safeguards.

The most alarming results came from Lovable. Designed to rapidly build and deploy web applications, it enables the creation of highly realistic phishing websites with little friction. The platform supports full hosting, administrative panels to collect stolen credentials, and integrated SMS campaign tools, all with minimal guardrails.

Among the most troubling observations was Lovable’s ability to generate highly accurate replicas of login pages, whether from simple text prompts or uploaded screenshots. In multiple cases, it successfully cloned Microsoft’s authentication interface and embedded real-world phishing mechanisms—redirecting users to the legitimate site after credentials were captured and hosting the malicious pages on misleading subdomains that closely mimicked genuine ones.

Escalating Cybersecurity Risks from Frictionless AI Development Tools

By the time researchers increased their assaults with prompts seeking detection evasion, Claude and Lovable responded with complex evasion methods, such as blocking browser fingerprinting functionality and randomizing page elements.

Lovable provided a very resilient and clear code implementation. This underscores the power and risk of frictionless AI-powered development tools.

This standard also examines backend manipulations and credential collection.

Both Lovable and Claude were observed producing scripts that enabled the storage and exfiltration of sensitive information through multiple channels, including anonymized external APIs and direct integrations with Telegram. This capability highlights how such models could be leveraged to scale and automate cybercriminal operations.

Taken together, the findings present a concerning outlook. Although established platforms like ChatGPT have made notable progress in strengthening ethical safeguards, the rapid evolution of AI—particularly tools designed for easy, end-to-end application creation—continues to lower the barrier to sophisticated cyberattacks, expanding the threat landscape.

These particular characteristics make these tools attractive for quick design and simulation. This also makes them very potent weapons in the hands of criminals.

This research emphasized a strengthened focus on the responsibility of AI developers to harden their models against criminal use.

As VibeScamming grows more accessible and scalable, the cybersecurity risks intensify, underscoring the urgent need to reinforce AI safeguards so that innovation does not undermine public safety.