Proofpoint, a prominent cybersecurity and compliance firm, has identified alarming trends in cybercrime linked to AI-powered website builders like Lovable. These tools, which simplify website creation, are being exploited by criminals to launch extensive phishing and fraud campaigns. While AI-generated emails have had limited impact, services like Lovable are lowering the barrier for cyber attacks. Proofpoint reports that since February 2025, hundreds of thousands of Lovable URLs have been flagged as threats monthly. Notable campaigns include Tycoon, which affected over 5,000 organizations through CAPTCHA-driven phishing, and July 2025 attacks impersonating UPS, targeting personal and payment data. Additionally, Lovable’s functionality is being weaponized in schemes aimed at cryptocurrency theft. With insufficient safeguards against misuse, attackers can easily create deceptive websites. To combat this rising threat, organizations should adopt allow-listing policies and advocate for stronger security measures in AI tool development.
Source link
