Cybercriminals are leveraging the growing popularity of artificial intelligence to perpetrate attacks, capitalizing on the surge in interest following the release of chatbot technologies like ChatGPT. New research by Netcraft reports on the increasing use of .ai domain names where criminals use malicious websites around AI to draw in victims.
AI domain growth: The .ai country code top-level domain (ccTLD), representing Anguilla, has seen a significant uptick in registrations due to the AI industry boom. Large tech companies such as Google and Meta have adopted .ai domains to showcase their AI initiatives, reflecting a broader industry trend. Since 2013, the usage of .ai domains has skyrocketed by over 12,000%.
Rising malicious activity: According to Netcraft, there has been a notable increase in malicious activity on .ai domains in 2023, with phishing attacks constituting most of these nefarious actions. Such domains are frequently used in affiliate marketing scams, tricking victims with false prize surveys.
Costly but coveted: Despite .ai domains being pricier than most, their perceived legitimacy makes them appealing to criminals, especially for cryptocurrency scams. The AI hype has led to a breakdown in traditional cybersecurity habits, with users more inclined to trust and click on .ai links due to their association with legitimate AI products and growing media attention.
Potential risks ahead: The .ai domain space, while still small, is expanding rapidly with many available domains that could be exploited for malicious intent. There’s also concern for future phishing attacks, particularly through typosquatting, as .ai could be easily mistaken for .au domains on common keyboard layouts. However, such tactics have not been widely observed yet.