Voice

When AI Fakes a Brand: Domain Spoofing Is a Crisis of Trust

Your domain is more than a URL—it’s your reputation

Data thief stealing information from laptop at night with letters for artificial intelligence
Generative AI tools can spin up thousands of fake domains and clone websites that siphon brand equity.Grafissimo/Getty Images
Headshot of Rick Crandon
By Rick Crandon

We deliver! Get curated industry news straight to your inbox. Subscribe to Adweek newsletters.

The ability of AI to generate hyperrealistic text, images, and websites, causes a growing—and largely invisible—threat for brands known as domain spoofing.

What used to be a niche cybersecurity concern can now cause a mainstream brand crisis. Fraudulent websites are not only easier to create with the emergence of AI, but they are also harder to detect. They mimic legitimate companies so convincingly that customers don’t think twice before engaging. This can result in scams, data theft, impersonation, and, most importantly, erosion of consumer trust.

This issue can no longer be viewed as the sole responsibility of IT departments. It’s a marketing problem. It’s a brand protection issue. And, increasingly, it’s a risk that CMOs and brand and legal teams must proactively address in the AI era.


For marketers, AI promises a leap in productivity—but only when guided by a clear strategy and human oversight. The question isn’t whether to use AI, but how to use it […]

Navigating the Future of Trust, Risk, and Opportunity in the Age of AI

AI-powered domain fraud

Generative AI tools can now spin up thousands of fake domains and clone websites that pass the sniff test of most ad platforms, search engines, and even users. Cybercriminals use homoglyphs and typosquatting to build deceptive sites that collect passwords, distribute malware, or reroute ad traffic for profit. Some domains host fake ecommerce pages or impersonate customer service portals. But all of them siphon brand equity.

The barrier to entry is virtually gone. What once required time, effort, and a degree of technical sophistication is now as easy as prompting an AI chatbot. It’s domain abuse at scale.

Why brands are vulnerable 

Despite pouring millions into trademarks, brand identity systems, and ad campaigns, many companies have left their digital front door wide open. Defensive domain registrations are rare, and furthermore, trademark-backed domain protection is all too often an afterthought. And collaboration between cybersecurity and brand marketing teams is, at best, inconsistent.

Brands wouldn’t leave their logos unprotected; however, they routinely fail to lock down core and adjacent domain names, making it easy for bad actors to launch impersonation schemes.

When trust breaks 

When a customer falls for a fake domain, it’s the brand they blame. Even if fraud occurs outside the company’s infrastructure, the perception of negligence can be reputationally devastating. Trust is hard-won and easily lost. In the age of AI, the window for responding to spoofing attacks is shorter, and the consequences are more severe.

The brand damage is often twofold. First, there’s the initial fraud—lost sales, stolen data, or misdirected users. Then comes the media fallout, legal exposure, and erosion of customer confidence. The recent bankruptcy of 23andMe underscores this perfectly: While the data breach happened in 2023, the long-tail consequences—declining customer trust, class action lawsuits, and ultimately a loss in revenue—culminated in the company filing for bankruptcy in 2025. It’s a textbook case of how a cybersecurity failure, left unchecked, becomes a brand crisis.

What marketers can do now

It’s time to treat domain security as a core pillar of brand protection. That means:

  • Working with legal and cybersecurity teams to map out a domain defense strategy.
  • Registering key variations, including typo versions and new generic top-level domains such as .shop, .support, etc.
  • Monitoring domain registrations in real time.
  • Enrolling in trademark protection programs like ICANN’s Trademark Clearinghouse.
  • Developing response protocols when spoofing incidents arise.

Brand safety in the age of AI 

Just as programmatic ad fraud forced marketers to rethink digital placements, AI-fueled domain spoofing must reshape how we think about brand safety. More than stopping bad actors, this is about proactively defending the trust brands work so hard to earn.


It

Marketers Need to Rethink the Role of Digital in Campaigns

As AI continues to evolve, so too must our brand protection strategies. Domain security can’t remain a reactive IT function. Rather, it must become a shared responsibility between cybersecurity, marketing, communications, and legal teams.

Because in today’s AI-driven, digital landscape, your domain is more than a URL—it’s your reputation.

Headshot of Rick Crandon

Rick Crandon

Rick Crandon is a domain security expert at Nominus.

Recommended videos