Attackers are exploiting large language models' ability to generate non-existent web addresses, purchasing these "hallucinated" domains and hosting phishing pages to capture traffic redirected by AI tools. This tactic, dubbed "phantom squatting" by Palo Alto Networks' Unit 42, has already been observed in real-world attacks1. The technique relies on the predictive capabilities of large language models to generate plausible domain names, which are then registered by attackers before legitimate owners can do so. As a result, unsuspecting users may be redirected to malicious sites, potentially leading to phishing and malware infections. The emergence of phantom squatting highlights the security risks associated with the rapid development of large language models, and underscores the need for practitioners to stay vigilant in the face of evolving threats. This development matters to security professionals because it demonstrates how advancements in AI can be leveraged by attackers to launch sophisticated phishing campaigns.