Online fraud is evolving rapidly, and much of that evolution is being driven by the convergence of Artificial Intelligence and Fraud-as-a-Service. What was once the work of a handful of opportunists manually creating crude scam sites has now become an organised industry offering turnkey infrastructure to criminals of all levels of sophistication. Today, entire fake shops, investment scams, and phishing pages can be launched with little effort, blending seamlessly into the online environment and making detection significantly more challenging.
How AI Has Changed Scam Websites
Artificial Intelligence has fundamentally changed the nature of scam websites. Where once fake shops were easy to spot through broken English, mismatched fonts, or awkward layouts, AI now generates polished product descriptions, realistic customer reviews, and even complete “about us” pages that look authentic. Visual design is no longer a hurdle either, with AI tools producing sleek templates that mirror the style of legitimate brand websites down to the smallest detail.
In some cases, these operations deploy AI-powered chatbots, simulating customer service and reinforcing trust with unsuspecting shoppers. Combined with turnkey Fraud-as-a-Service kits, scammers can roll out entire networks of professional-looking fake stores within hours, all tailored to specific geographies, search keywords, or trending products. This automation makes them harder to distinguish from genuine retailers and allows syndicates to rapidly relaunch when one site is shut down.
The Role of Fraud-as-a-Service
Fraud-as-a-Service takes these AI-driven capabilities and packages them into a complete, ready-to-use offering. Instead of needing coding skills or design expertise, criminals can now subscribe to pre-built kits that deliver fake retail stores, fraudulent banking portals, or investment scam sites straight out of the box. These kits often come bundled with unregulated payment gateways, bulletproof hosting providers, and backend infrastructure designed to frustrate detection and resist takedown efforts.
What once required weeks of technical work can now be achieved in hours. For a relatively low subscription fee, bad actors can spin up dozens of professionally designed scam sites, each tailored to a particular geography, keyword set, or brand target. Syndicates scale these operations globally, launching coordinated waves of domains that flood search results and social ads with convincing fakes. When one site is removed, another instantly takes its place, making enforcement feel like a game of whack-a-mole.
This shift marks a critical change in the cybercrime economy: scams are no longer the work of a few technically skilled operators, but an industrialised service sector where fraud can be purchased, deployed, and scaled like any other SaaS product.
FaaS & AI in action, rapid fake storefronts
Fraud-as-a-Service takes these capabilities and packages them into a complete offering. Criminals can purchase pre-built templates for fake retail stores, fraudulent bank login portals, or investment scam sites, all of which are supported by unregulated payment gateways and protected by hosting services that are designed to frustrate takedown efforts. What used to take weeks of technical set-up can now be purchased for a subscription fee, deployed within hours, and scaled across multiple regions.
AI & FAAS in Concert: Hoka Case Study
In practice, Fraud-as-a-Service (FaaS) enables scammers to launch AI-generated retail sites that appear complete from day one. These sites clone entire product inventories from legitimate brands, add integrated checkout systems, and publish convincing service pages, only to redeploy the same template across dozens of domains as soon as one is taken down. Our research shows this tactic is especially prevalent in the sporting apparel category, where impostor stores are promoted heavily through social ads and search.
We have tracked syndicated groups targeting brands worldwide, including HOKA shoes, where AI-generated content and FaaS infrastructure allow bad actors to deploy dozens of near-identical sites within hours. The templates are often adjusted by geography, keyword focus, and product variations, but share common markers: aggressive discounting, cloned assets, and recycled catalogues. HOKA itself warns that fake webstores routinely copy its branding, while independent investigations and Australian reporting point to broader “ghost store” networks across the sportswear sector. These networks rely on shared templates, unregulated payment processors, and automated hosting setups to enable rapid relaunch at scale. This is the FaaS playbookturnkey kits, hosting, and payment rails that minimise setup time and maximise persistence.
This campaign tracked in Unphish used what we call the “runsmooth” template, a cloned HOKA retail layout replicated across multiple malicious domains. The template features identical imagery, catalogue content, and discount-heavy product pages, but is deployed on different domains to evade takedowns. Our monitoring shows syndicates launching dozens of these impostor stores in quick succession, often within the same geography, reusing assets while swapping out domains and payment rails. This repetition is the hallmark of Fraud-as-a-Service, where turnkey kits allow bad actors to stand up convincing fake shops at scale and relaunch almost instantly after suspensions.
Countering AI-Driven Phishing & Fraud
At Unphish, we see the rise of AI-generated websites and FaaS as a defining challenge in online brand protection. Our systems are designed to identify recurring scam templates, even when content has been reworked to appear unique. We use AI to analyse websites for red-flag elements such as cloned brand assets, suspicious payment systems, and reused infrastructure, and we track the networks of service providers that supply the underlying FaaS capability. Once identified, our enforcement engine can act quickly, generating complaints, submitting takedowns, and ensuring fraudulent sites are removed before they cause wider harm.
About brandsec
Brandsec is Australia’s leading brand protection and corporate domain management company. We help businesses safeguard their digital presence by monitoring, detecting, and removing online threats such as phishing sites, fake shops, counterfeit apps, and impersonation scams. Our enforcement platform, Unphish, combines automation and AI with expert analysts to deliver fast, effective takedown solutions that protect both brands and their customers.
