The AI Made Up 250,000 Fake Websites — Hackers Are Buying Them Before You Can
Ask a chatbot for a company’s website. Sometimes it invents an address that doesn’t exist. Turns out crooks are camping on those made-up addresses waiting for you to walk in.
913 brands tested → 2.1 MILLION web addresses spat out → ~250,000 of them totally fake and up for grabs → hackers get an 18-to-51 day head start.
Palo Alto’s security crew (Unit 42) calls it “phantom squatting.” Full breakdown here: Unit 42 report · The Hacker News writeup

Look, here’s the thing. When you ask a chatbot “what’s the website for Brand X,” it doesn’t always know. Sometimes it just… guesses. Makes up a web address that sounds right. Feels right. And is 100% fake.
Now imagine thousands of people asking that same question every day, and the bot spits out the same fake address every time. That fake address is now a goldmine — because a pile of humans are gonna go there. The bad guys figured this out. They buy the fake address, throw up a fake login page, and just wait. You show up thinking it’s legit. You type your password. Game over.
Real talk: this is one of the cleanest scams I’ve seen in a minute. And there’s a legal way to flip it, which I’ll get to.
🧩 Dumb Mode Dictionary (read this first, takes 20 seconds)
| Fancy Word | What It Actually Means |
|---|---|
| Domain | A website address. Like nike.com. That’s it. |
| Hallucination | When AI confidently makes up something that isn’t true. Here: inventing a website that doesn’t exist. |
| Phantom squatting | Buying a fake address the AI invented, then sitting on it to trap people. “Squatting” = camping on a property that’s not really yours. |
| Phishing kit | A ready-made fake login page in a box. Copy, paste, steal passwords. No skills needed. |
| Supply chain | The chain of tools/companies you trust without checking. One weak link and everyone downstream gets hit. |
| Temperature | An AI setting for how “creative” (random) it gets. They tested every setting — the fake address showed up on ALL of them. |
👻 So what actually happened? (the short version)
Unit 42 (the research arm of security giant Palo Alto Networks) ran a giant experiment. They asked two big AI systems about 913 real brands — over 685,000 questions total.
The bots coughed up 2.1 million web addresses. And here’s the kicker:
- 13,229 were already flagged as dangerous.
- Around 250,000 were completely made-up addresses that nobody owns yet — just sitting there, free to claim.
The AI keeps inventing the SAME fake addresses over and over. So crooks don’t have to guess. They just watch what the bot hallucinates, buy that address, and set the trap. Dark Reading called it a full-on supply chain threat.
🕵️ The one real case that'll make your skin crawl
There’s a phishing operation Unit 42 nicknamed “Montana Empire.”
- March 8, 2026 — the AI systems hallucinate a fake address that looks like a national postal service’s shopping site. Same fake address, every setting, both AI brands.
- March 31, 2026 — a crook registers that exact address and slaps a fake marketplace login page on it.
- The crook even used an AI coding helper to build the fake page targeting the exact address the AI predicted. AI setting the trap for AI. Wild.
That’s a 23-day gap between “the AI started lying about this address” and “a criminal bought it.” In other cases the gap ran 18 to 51 days. (cybernews has more examples.)
That gap? That’s the whole story. Hold that thought.
📊 The receipts (numbers that matter)
| Thing | Number |
|---|---|
| Brands tested | 913 |
| Questions asked to AI | 685,339 |
| Web addresses the AI produced | 2.1 million |
| Already-dangerous ones | 13,229 |
| Made-up + unclaimed (up for grabs) | ~250,000 |
| Head-start hackers get | 18–51 days |
| AI settings the fake address showed up on | ALL of them |
Source: Unit 42’s full research and gbhackers coverage.
🗣️ What the timeline's saying
- Security folks are calling it the natural evolution of “typosquatting” (buying
gooogle.comto catch typos) — except now the AI does the typo for the victim. - The scary part everyone keeps repeating: the AI is consistent. It doesn’t hallucinate randomly. It hallucinates predictably. Which means the fake addresses are basically a leaked list of future crime scenes.
- The hopeful part: because it’s predictable, the good guys can see it coming weeks early — SC Media laid this out clearly. And that’s exactly where regular people can step in.
Cool. The Robot’s Inventing Fake Websites and Crooks Are Camping On Them… Now What the Hell Do We Do? (ง •̀_•́)ง

Here’s the beautiful part. That 18-to-51 day gap means the AI tells you where the crime WILL happen before it happens. You don’t need to be a hacker. You need to be fast and first. Five ways to play it, none of them illegal:
🪟 The Head-Start Land Grab
The AI hallucinates the same fake addresses over and over. Anyone can go ask a free chatbot “what’s the website for [Brand]?” a hundred times and write down every address it invents. Then check which of those addresses are still unclaimed. The unclaimed ones are the empty houses hackers haven’t robbed yet.
You register the cheap ones ($10 each on Namecheap) and point them straight to the brand’s REAL website. You just protected their customers — and now you’ve got a conversation starter to sell them protection.
Example: A 24-year-old IT student in Nigeria asks free chatbots for the fake addresses of 40 local banks, finds 6 unclaimed hallucinated ones, buys them for ~$8 each, and emails each bank’s security team: “Your customers are being sent to this fake address I’m now holding. Want it? Let’s talk.” Two banks pay him a $400 “finder + transfer” fee each.
Timeline: First unclaimed address found in a weekend. Real money in 2–3 weeks. This window closes once brands start scanning for their own phantom addresses — probably 6–12 months. Move now.
📡 The Phantom Watchlist
Don’t buy anything. Just watch. Build a simple running list: pick one industry (say, crypto exchanges), ask the AI for each brand’s site repeatedly, log every fake address it invents, and check daily whether a stranger just registered one (free with whois lookups or domain-monitoring alerts).
The moment a hacker claims a phantom address, YOU already knew it was coming. That’s an early-warning feed worth money to the brand being impersonated.
Example: A 22-year-old in the Philippines tracks phantom addresses for 15 online casinos. When one gets registered by a shady party, he screenshots the fake login page going live and sells the “you’re being impersonated RIGHT NOW” alert to the casino’s affiliate manager for $250 a pop. Three alerts in a month.
Timeline: Setup in a few days. First paid alert within a month. Stays alive as long as you keep the watchlist fresh — burnout is the real enemy, not a patch.
🗂️ Be the Dictionary Nobody Wrote Yet
This whole “phantom squatting” thing is brand new. There is NO simple, plain-English cheat sheet explaining it to normal business owners. So write it. A dead-simple guide: “How to check if AI is inventing fake versions of YOUR website — in 10 minutes, no tech skills.”
First good free guide on this becomes the thing everyone links to when they Google the scary new word. That’s free traffic you can point anywhere.
Example: A 26-year-old marketer in India writes a clean step-by-step guide, drops it free on Medium and a Reddit r/cybersecurity thread, and puts a “want me to scan your brand for $49?” button at the bottom. The guide ranks, the button converts. $600 first month.
Timeline: Guide written in a day. Traffic builds over 4–8 weeks. Golden while the term is new; more people pile in by end of year, so plant your flag early.
🎣 The Brand Scan Side-Gig
Businesses have NO idea AI is inventing fake versions of their site. You do. Offer a one-time “phantom scan”: you ask free chatbots for their website 50 times, screenshot every wrong/fake address it gives, and hand them a tidy report showing which fake addresses are unclaimed (danger) vs. already grabbed (emergency).
You’re using free tools. You’re charging for the knowing what to look for. Classic.
Example: A 25-year-old freelancer in Brazil DMs 30 small e-commerce shops on Instagram with one screenshot: “This is the FAKE version of your site the AI is telling customers to visit.” Ten reply. Four pay $75 for the full scan-and-report. He does the whole thing with a free chatbot and a spreadsheet.
Timeline: First client in a week if you cold-DM hard. Scales to a small service business in 2–3 months. Eventually security firms automate this — you’ve got a solid year of hand-crafted advantage.
🔮 The Reverse Lookout (protect your own stuff)
Not everything’s about selling. If you run ANY site — a store, a newsletter, a small app — go ask the popular chatbots for YOUR address right now. If they invent a fake one, that’s a trap waiting to be built against your own customers. Register the fake address yourself for $10 and redirect it home. You just closed a door before a burglar found it.
Then tell your audience you did it. That story (“I caught the AI lying about my site and shut it down”) is trust gold.
Example: A 23-year-old running a small Shopify skincare brand in Indonesia finds the AI inventing a .shop version of her store. She grabs it for $9, redirects it, and posts the whole thing as a TikTok. The video does numbers, the store gets a sales bump from the free attention.
Timeline: 30 minutes to check and fix. Immediate peace of mind. This one never “expires” — it’s just basic hygiene now, like locking your door.
🛠️ Follow-Up Actions
| Want To… | Do This |
|---|---|
| Read the actual research | Unit 42 phantom squatting report |
| Buy cheap addresses to protect | Namecheap / Porkbun |
| Check who owns an address | who.is |
| Find brands to scan for free | Ask ChatGPT or Gemini “what’s the site for X?” 50x |
| Learn phishing tricks to explain them | Have I Been Pwned + PhishTank |
Quick Hits
| You Want | You Do |
|---|---|
| Ask a chatbot for 5 brands’ sites — watch it invent a fake one | |
| Register unclaimed fake addresses for $10, redirect to the real brand | |
| Build a watchlist, catch hackers the day they register | |
| Sell “phantom scans” to small businesses with a free chatbot + spreadsheet | |
| Check YOUR own site’s fake address today, lock the door |
The robot’s out here inventing fake addresses and the crooks are moving in first. First one to the empty house wins. Go be first.
!