Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now
  • Blog
    • /
  • Phishing
    • /
  • Attackers Can Use LLMs to Generate Phishing Pages in Real Time

Attackers Can Use LLMs to Generate Phishing Pages in Real Time

KnowBe4 Team | Feb 5, 2026

Phishing for German BundestagResearchers at Palo Alto Networks’ Unit 42 warn of a proof-of-concept (PoC) attack technique in which threat actors could use AI tools to generate malicious JavaScript in real time on seemingly innocuous webpages.

“Once loaded in the victim's browser, the initial webpage makes requests for client-side JavaScript to popular and trusted LLM clients (e.g., DeepSeek and Google Gemini, though the PoC could be effective across a number of models),” the researchers write.

“Attackers can then trick the LLM into returning malicious JavaScript snippets using carefully engineered prompts that circumvent safety guardrails. These snippets are then assembled and executed in the browser's runtime to render a fully functional phishing page. This leaves behind no static, detectable payload.”

While legitimate AI tools have measures to prevent misuse, the researchers found that they could rephrase their prompts to trick the AI into performing malicious actions.

“The attack's success hinged on careful prompt engineering to bypass the LLM's built-in safeguards,” the researchers write. “We found simple rephrasing was remarkably effective. For instance, a request for a generic $AJAX POST function was permitted, while a direct request for ‘code to exfiltrate credentials’ was blocked. Furthermore, indicators of compromise (IoCs) (e.g., Base64-encoded exfiltration URLs) could also be hidden within the prompt itself to keep the initial page clean.”

Unit 42 adds, “The dynamic nature of this attack, in combination with runtime assembly in the browser, makes it a formidable defense challenge. This attack model creates a unique variant for every victim. Each malicious payload is dynamically generated and unique, transmitted over a trusted domain.”

Threat actors are always finding new ways to bypass security technologies. AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks that slip past your technical defenses.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.

Unit 42 has the story.

Topics: Phishing Cybercrime Human Risk Management AI

Access the World’s Largest Security Awareness Library

Explore over 1,000 interactive modules, videos, and games designed to sharpen user instincts and secure AI interactions. Get instant access to our Free Training Preview and find the perfect content to fortify your security culture.

Get Your Free Training Preview

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

KnowBe4 Team

ABOUT KNOWBE4 TEAM

The KnowBe4 Team delivers timely, expert-driven insights on cybersecurity trends, emerging threat intelligence, human risk and agent security best practices, compliance strategies and industry research to help organizations strengthen their digital defense layer and stay informed, resilient, and secure.

Read more from KnowBe4 »

Subscribe the KnowBe4 Blog

Posts By Topic

View All