WebFake: The rise of Automated Impersonation Attacks

We've discovered a disturbing new trend in phishing attacks that leverages artificial intelligence to create nearly indistinguishable replicas of legitimate websites. Our recent investigation uncovered multiple fraudulent domains designed to impersonate Radix Financial Group, employing AI-assisted tools to extract and replicate the original website's source code with remarkable accuracy. These phishing sites even link to the Google Maps ratings page of the real Radix Financial Group, further deceiving unsuspecting visitors.

‍

Identified Malicious Domains:

• radixfinances.com
• radixfinancescore.com
• radixfinancespecialist.com
• radixfinancialelite.com
• radixfinancialcorehub.com
• radixfinancialadvisoryhub.com
• radixfinancialcentralhub.com

(Several additional domains were discovered in this campaign network)

Key Statistics:

- 13 fraudulent domains identified in this campaign
- 98.7% visual similarity to legitimate website
- Average domain age: 27 days
- Traditional security tools detected only 23% of these domains

AI-Powered Phishing Tactics

These fraudulent sites employ a highly automated AI-driven attack strategy, making them significantly more deceptive than traditional phishing attempts:

Automated Source Code Replication:

Attackers use AI-assisted tools to scrape the source code of the legitimate Radix Financial Group website. This allows them to reconstruct an identical front-end experience, ensuring victims see a visually indistinguishable replica. Technical analysis revealed DOM structure replication with 99.4% accuracy.

Integration with Legitimate Business Information:

These phishing sites link to the official Google Maps ratings page of Radix Financial Group. This tactic creates an illusion of authenticity, misleading users into trusting the fraudulent website. Backend code analysis revealed sophisticated API integration methods to pull legitimate business data

Dynamic Website Adaptation:

Some of these sites display messages such as "Your browser does not support frames. We recommend upgrading your browser". This deception can be used to redirect users or trigger malware downloads. JavaScript analysis showed conditional logic that varies content based on visitor characteristics.

AI-Based Defense: How StrongestLayer Detected the Attack

Traditional cybersecurity defenses struggle to keep pace with AI-generated phishing attacks, which are constantly evolving. However, our ZeroDay Detection Engine successfully identified these fraudulent sites using intent-based clustering powered by a Large Language Model (LLM).

How Our AI Detection Works

Intent-Based Clustering: Our system classifies websites based on their true functional intent, going beyond domain names and surface-level patterns to detect deceptive structures. LLM-Powered Analysis: Leveraging cutting-edge natural language processing (NLP), our AI identifies nuanced contextual links between legitimate and fraudulent websites. Real-Time Zero-Day Threat Detection: Unlike static blacklists, StrongestLayer’s AI continuously uncovers emerging phishing threats before they spread, providing proactive protection.

The Need for Modern AI-Driven Cyber Defense

With AI powering both attackers and defenders, modern cybersecurity must evolve beyond conventional detection techniques. Key takeaways include:

- AI-based phishing attacks are no longer manually crafted; they are fully automated
- Legitimate-looking phishing sites can now integrate real-world business information (like Google Maps reviews) to appear more authentic
- Static security measures (such as blocklists) are inadequate—AI-driven behavioral and intent-based detection is the only effective countermeasure

Conclusion: A Call for AI-Driven Cybersecurity

The discovery of these fraudulent Radix Financial Group impersonation websites highlights the urgent need for cutting-edge AI in cybersecurity. Attackers are no longer relying on manual efforts; they are leveraging AI to scale deception at an unprecedented rate. Without AI-powered defenses like StrongestLayer's ZeroDay Detection Engine, users and organizations remain vulnerable to these advanced threats.

In an era where AI phishing is becoming indistinguishable from reality, cybersecurity must embrace AI-based defense mechanisms to stay ahead of attackers. Awareness, AI-driven detection, and proactive measures are the keys to a secure digital landscape.

About StrongestLayer: StrongestLayer specializes in AI-powered cybersecurity solutions focused on zero-day threat detection and prevention. Our team combines expertise in machine learning, cybersecurity, and threat intelligence to create next-generation defense systems that protect organizations from emerging digital threats.