Google’s AI-powered search results link to malware and scam websites
Google’s recently introduced ‘Search Generative Experience’ feature, which uses AI to offer summarised search results, seems to be recommending shady websites that redirect users to malware-packed Chrome extensions and scams like fake iPhone giveaways.
According to a recent report by Bleeping Computer, the spammy and malware-laden search results that were first spotted by SEO consultant Lily Ray might make some users fall for these scams. As it turns out, the shady websites used by SGE in search results use the .online domain, have the same HTML template and use the same websites over and over to redirect traffic.
If you happen to click one of these links, you will be redirected through several websites until you reach a scam site. The report claims that most of these redirects took users to pages with fake captchas or YouTube lookalikes that ask users to allow browser notifications.
Most of these websites use the .online domain. (Image Credit: Lily Ray/X)
For those not in the know, asking users to allow browser notifications is one of the most popular tactics used by scammers to display dangerous ads directly on the system, even if you don’t have the website open. Bleeping Computer says once they allowed notifications from these websites, they were greeted with a barrage of notifications for tech support scams and fake giveaways. One of these ads also pushed users to install harmful browser extensions that hijack the search bar, amongst other things.
You may be aware of these tactics adopted by scammers, but the thing that makes it different from regular scams is that Google’s AI-powered Search Generative Experience answers queries in a more conversational tone, making these malicious websites seem legitimate.
However, it is still unclear how these web pages have found their way to Google’s AI-powered search algorithms. While Google seems to be continuously updating its ranking algorithm to weed out low-quality or spam content, spammers seem to be a step ahead of the tech giant when it comes to ranking such content in the search index.
How to disable browser notifications in Google Chrome?
Since most of the scam sites making an appearance in the SGE results use browser notifications, you might want to disable them. To disable unwanted notifications, open Chrome on your machine, head over to ‘Settings’, navigate to ‘Content’ and click on ‘Notifications’.
In the section named ‘Allowed to send notifications’, you will be able to see a list of websites that are allowed to send you notifications. For the ones you don’t know, tap on the three-dot button and click ‘Remove’. Now, you will no longer get notifications from these websites.
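To review these permissions on many machines rather than one browser at a time, the following added example (not from the original article or from Google) reads a Chrome profile's `Preferences` JSON, lists the sites allowed to send notifications and flags those on the .online domain the report describes. It assumes the `profile.content_settings.exceptions.notifications` layout with the value 1 meaning "allow"; the function names and the sample data are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

ALLOW = 1  # assumed Chrome content-setting value for "allow" (2 is "block")

# Constructed sample shaped like the relevant part of a Chrome "Preferences" file.
SAMPLE_PREFERENCES = json.dumps({
    "profile": {"content_settings": {"exceptions": {"notifications": {
        "https://mail.example.com:443,*": {"setting": 1},
        "https://free-prize.example.online:443,*": {"setting": 1},
        "https://video-check.example.online:443,*": {"setting": 2},
        "https://docs.example.org:443,*": {"setting": 1},
    }}}}
})


def allowed_notification_hosts(preferences_text):
    """Return the sorted hostnames that are allowed to send notifications."""
    prefs = json.loads(preferences_text)
    exceptions = (prefs.get("profile", {})
                       .get("content_settings", {})
                       .get("exceptions", {})
                       .get("notifications", {}))
    hosts = []
    for pattern, entry in exceptions.items():
        if entry.get("setting") != ALLOW:
            continue  # blocked or "ask" entries cannot push notifications
        primary = pattern.split(",", 1)[0]  # keys look like "origin,embedder"
        hosts.append(urlsplit(primary).hostname or primary)
    return sorted(hosts)


def flag_suspicious(hosts, tlds=(".online",)):
    """Return the hosts whose name ends in one of the watched TLDs."""
    return [h for h in hosts if h.endswith(tuple(tlds))]


if __name__ == "__main__":
    allowed = allowed_notification_hosts(SAMPLE_PREFERENCES)
    flagged = flag_suspicious(allowed)
    for host in allowed:
        marker = "REVIEW" if host in flagged else "ok"
        print(f"{marker:7}{host}")
```

A flagged host is only a prompt to review that entry; plenty of legitimate sites use the .online domain, and scam sites are not limited to it.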
This is not the first time Google search results have redirected users to malware-laden websites. In December last year, an Amazon ad with a legitimate URL on Google was found leading users to a fake Microsoft tech support website.