No-code or “vibe coding“ tools have opened up a whole world of possibilities for those of us who are non-technical. You’re able to build mobile apps, database-driven websites and complex workflows without a single developer. A person can sign up, and can create a professional-looking website for free in most cases. These services will even host the sites for you if you need them to. In many cases, you can just tell the A.I. what you want it to do, and it’ll do it nearly flawlessly.
And if you and I can do that, imagine what someone with ill intent can do.
That’s what Bill Toulas at Bleeping Computer wrote about this week; people using the popular AI web builder Lovable to create, publish and host malicious websites using their service.
Most of us that work for any medium or large company have to go through training every year. Part of this training is to help you identify and report malicious activity you come across, whether it’s an email, sketchy website or personal communication, so that you can protect yourself and the company.
It can get quite sophisticated, but in a nutshell, if emails or websites are low-quality, poorly-structured, or contain links to domains you don’t recognize, you probably should steer clear of them.
That’s what we’re taught.
But in the age of A.I., anyone can create a professional-looking, well-crafted email/website for virtually nothing. The days of recognizing these methods being harmful are fading; in fact, it’s probably easier to create these with A.I. than the traditional ways.
In the article, Bill outlines a few examples of things he’s seen so far that use some sophisticated methods to trick you into giving up your info and separating you from your money.
It’s not going to get easier. I know of instances where people have searched for information on something as simple as contacting the cable company to report a problem, and Google’s A.I. response contained information that was fake and designed to ensnare people looking for help. In this instance, Google did what it was trained to do—deliver the information requested—only that information was false.
Information is becoming increasingly untrustworthy, especially in the United States, as guardrails that were created to help curb these type of things are dissolved and information disseminated from our own government is false, not-reported, or giving poor instruction to people that don’t know any better. It is up to us to use our common sense and intuition. If something doesn’t seem right, put the brakes on immediately. Be careful how you interact with everything, and only share your information when you have to and feel safe doing so. Make sure you know the numbers for your bank from the back of your cards or statements, and contact them if you feel you’ve been compromised. Don’t click on links without knowing where they are going. Your bank is not going to be using a url from lovable.dev.
And don‘t forget, “If you see something, say something.“
Comments