Cybercriminals continually seek new ways to expose you to phishing and scam sites designed to steal your credentials or install malware that can compromise your personal data and system. Although browsers and search engines like Chrome and Google Search actively scan and take action against spam and malicious sites, they rely on automated tools to manage the huge volume of threats.
Recently, hackers have developed AI-powered cloaking software that enables them to bypass these scanners by showing benign pages to security systems while revealing harmful content only to real users. This advanced cloaking technique significantly increases the effectiveness and durability of phishing and malware sites, making it harder for traditional detection methods to protect you.

AI-powered web cloaking is here to trick you
As discovered by researchers at Slashnext, cybercriminals are adopting a new tactic that makes scam websites nearly invisible to the security systems meant to stop them. Known as web cloaking, the technique uses artificial intelligence to hide phishing pages, fake storefronts, and malware delivery sites from automated scanners while showing them only to human victims.
Platforms like Hoax Tech and JS Click Cloaker are emerging as key players in this trend. While both market themselves as traffic filtering tools for digital marketers, they are also being used to protect criminal infrastructure. These services use advanced fingerprinting, machine learning, and real-time decision-making to control what each visitor sees.

How cloaking tools outsmart detection systems
Hoax Tech analyzes hundreds of data points to build a digital fingerprint of every visitor, from their browser configuration and plugins to their geographic location and IP history. The company’s AI engine, called Matchex, compares this data to a massive database of known crawlers and security scanners. If the system detects a suspicious visitor, it redirects them to a clean, harmless site. If it identifies the visitor as legitimate, it displays the actual scam content.
JS Click Cloaker takes a similar approach but claims to evaluate over 900 parameters per visit. The system scans for behavioral anomalies and uses historical click data to decide whether to allow access to the real page. It also includes features like traffic splitting and A/B testing, giving its users a suite of tools more commonly seen in professional marketing software.
At the core of both platforms is the “white page” and “black page” system. The system shows security scanners the white page, which looks benign and passes review. It serves human victims the black page, which contains the scam or malicious payload. This selective targeting allows phishing campaigns and fraudulent sites to stay live longer and avoid detection.

6 ways you can stay safe from cloaked scam sites
Cybercriminals are increasingly adopting advanced cloaking tools to evade detection, which is making it harder for people to spot malicious websites. Still, there are steps you can take to reduce your risk:
1) Stick to trusted sources: Avoid clicking on links from unknown senders or sketchy websites, even if they appear in ads or social media posts. Type URLs directly when possible.
2) Use strong antivirus software: A strong antivirus software can help analyze suspicious links and sites before you open them.
- Strong real-time protection against viruses, malware, ransomware and hacking attempts
- AI-powered scam protection to help identify suspicious emails, texts and websites
- Built-in password manager to securely store and manage logins
- 2 GB PC cloud backup to help protect important files from ransomware or hardware failure
- Smart firewall and phishing protection
- Protects 1, 3 or 5 devices
- Available for Windows, macOS, Android and iOS
- Includes real-time threat protection, smart firewall and phishing protection to guard against online attacks
Watch the latest episode of The CyberGuy Report.
Missed this event? Sign up via the registration form and see our live recording.
See Kurt’s latest Amazon picks for useful gadgets, smart home upgrades and everyday tech worth grabbing while the deals last.
3) Use security-focused browsers: Built-in protections in browsers like Firefox and Brave can help block suspicious scripts and trackers.
4) Keep your software updated: Regular updates to your browser, operating system, and antivirus software ensure you have the latest security patches.
5) Be cautious with login pages: If a site asks for your credentials unexpectedly, verify the URL and domain name carefully. Cloaked phishing pages can look nearly identical to the real thing.
6) Enable two-factor authentication (2FA): Even if your credentials are stolen, 2FA can act as a final line of defense against account takeover by requiring a pin which is generated through an authenticator app or is sent to your phone or email.
Related links:
- Stop data brokers from selling your information online
- Airlines selling passenger data to Homeland Security
- Your health data is being sold without your consent
Kurt’s key takeaway
AI-powered cloaking is making it increasingly difficult to track and take down malicious sites. The result is a fast-growing market for what is essentially cloaking-as-a-service. These tools are inexpensive, easy to use, and designed to work at scale. For cybercriminals, cloaking is no longer a fringe tactic but a core part of their toolkit. While you may still be unaware of these tools, they are already reshaping how digital fraud operates behind the scenes.
Do you think browsers and search engines are doing enough to protect you from advanced scams like these? Let us know in the comments below.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2025 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
