TYDE Faculty Affiliate Lana Swartz weighs in on scam sites that mimic legitimate ones.
By Meghan McCarty Carino
Published Feb. 23, 2026 Marketplace
Artificial intelligence coding agents have been getting so capable and intuitive, basically anyone can program their own software without much technical knowledge. Want to build yourself a website? Just tell your AI coding agent what you want, et voilà.
But lowering the barrier to sophisticated web design is also opening the door to more scams.
Cybersecurity firm NetCraft said last year it identified 100,000 AI-generated websites impersonating almost 200 different brands.
I encountered a likely one when distractedly shopping for a hair care product on my phone while half-watching TV. A Google search for the Italian hair care brand Davines returned a top sponsored link for “Davines North America Official Online Shop.”
Spoiler — it was not.
“Truly, I empathize so much with people who find these threats in the wild and assume that they are legitimate,” said Ginny Spicer, a threat intelligence analyst at Netcraft.
She said Netcraft looks for patterns in site code that suggests it was generated with AI, like included to-do lists.
“We’re even watching to see how many emojis are left into the site code, because that’s not something people typically do,” she said.
On the front end, the fake Davines website looked pretty similar to the real thing, at least on a mobile phone. It didn’t have misspellings or janky graphics.
“It’s the same scam. It’s just, it’s cheaper to do it on a broader scale,” said Charles Henderson with cybersecurity firm Coalfire.
In the old days, the Davines scammer would either have had to learn specialized skills or hire someone with them, spend a bunch of time building a site, and then hope enough shoppers of a relatively obscure brand handed over their credit card numbers in the short window of time before the scam inevitably got reported.
But AI makes it possible to generate dozens of official-looking sites a day with just a few prompts.
“And that means the return on investment’s higher. That means it’s going to be more prolific,” said Henderson.
Smaller brands and e-commerce operations are now being targeted by imposters, said Zach Edwards, senior threat analyst at Silent Push.
“You’re a luxury hair brand, you’ve never had any cyber threats targeting you, and then suddenly you get dozens of customers who are like, ‘I lost $1,000,’” he said. “So a lot of these brands are facing this challenge of, ‘How do I find these? How do I warn my customers that this could exist?’”
Because fake sites are cheaper to produce, he said scammers don’t have to be so aggressive in finding victims with unsolicited emails or texts, which many consumers have grown skeptical of.
“Imagine you’re on a social network and you’ve liked a luxury brand, a scammer can buy ads targeting people who have liked that luxury brand,” he said. “You Googled it. It was on the first page of results. How could it be bad?”
The usual red flags apply, like discounts that are too good to be true. But shoppers now have to be vigilant in contexts they might not have expected.
And there are all kinds of AI agents out there doing who knows what, said Lana Swartz a professor of media studies at the University of Virginia.
“The more and more that AI becomes infrastructural and becomes part of our everyday lives, the more likely we are to encounter scams and fraud,” she said.
Whether it’s deepfake videos, job scams, or imposter websites, AI is scrambling the signals we use to make sense of the world.
“We absolutely are moving into an era where we’re going to have to recalibrate our epistemologies in just about every aspect of our lives,” Swartz said.
I did finally realize the Davines site was fake — about half a second before I hit the buy button, I glanced down at the url, which said davineas.com.
