Google’s New AI Search, Or a Gateway to Malware and Scams?

Written by Andrew Doyle

March 29, 2024

Google's New AI Search, Or a Gateway to Malware and Scams?

Search engines play a crucial role in guiding users to relevant and trustworthy information. Google, being the most popular search engine, constantly tries to improve its search results using cutting-edge technologies.

However, recent reports have raised concerns about Google’s new AI-powered search results promoting sites that push malware and scams.

This article delves into the details of this issue and explores the potential risks associated with it, with tips to shield your IT systems from malware and other web threats.

Google’s AI-Powered Search Generative Experience (SGE) Recommends Malware and Malicious Sites

In March 2024, Google introduced a new feature called “Search Generative Experience” (SGE) in its search results. SGE utilizes artificial intelligence algorithms to provide quick summaries and recommendations for search queries.

The intention behind SGE is to enhance the user experience by offering personalized and relevant information. Unfortunately, this new feature has inadvertently opened the door to malicious cybercriminals.

SEO consultant Lily Ray was among the first to notice that Google’s SGE was recommending spammy and malicious sites within its conversational responses. These sites redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams.

Google's AI-Powered Search Generative Experience (SGE) Recommends Malware and Malicious Sites

The implications of such recommendations are alarming, as unsuspecting users may fall victim to scams and malware.

SEO Poisoning Employed by Cybercriminals

BleepingComputer first conducted an investigation into the sites promoted by Google’s SGE. They discovered that these sites often use the “.online” top-level domain (TLD), employ similar HTML templates, and perform redirects using the same sites.

This pattern suggests that these sites are part of a coordinated SEO poisoning campaign that has managed to infiltrate Google’s index.

When a user clicks on one of these recommended sites in the search results, they are led through a series of redirects until they reach a scam site.

BleepingComputer’s tests revealed that these redirects commonly lead to fake captchas or YouTube-like sites that trick visitors into subscribing to browser notifications.

The Dangers of Pesky Browser Notifications Pushing Malware

Browser notifications have become more than just an annoyance. They have become a favored tactic among scammers to flood users with unwanted ads directly on their desktops and phones, even when they are not actively browsing the malicious site.

By subscribing to these notifications, users unknowingly expose themselves to a barrage of spam and other web threats including advertisements for tech support affiliate scams, fake giveaways, and other unwanted sites.

One particularly deceptive example is an alert for McAfee antivirus, which claimed that the user’s system was infected with multiple viruses.

Google's New AI Search, Or a Gateway to Malware and Scams?

The scam urged the visitor to either “Scan now to remove viruses” or renew their license. However, these misleading ads were merely a ploy to sell McAfee licenses and earn affiliate commissions for the fraudster cybercriminals.

The Trust Factor: Google’s AI Makes Malicious Sites Trustworthy to Users

What makes this situation even more concerning is the conversational tone used by Google’s AI in answering search queries.

By linking to websites within the answers, the AI inadvertently lends credibility and trustworthiness to these malicious sites operated by cybercriminals.

Users may be more inclined to believe the information provided, leading them further down the rabbit hole of scams and malware.

Google acknowledges the severity of the issue and emphasizes its commitment to combating spam and protecting users from malware and web threats.

The search giant continuously updates its systems and ranking algorithms to detect and prevent spam from infiltrating search results. However, spammers are equally adept at evolving their techniques to bypass detection and exploit vulnerabilities in the search index.

In response to the discovery of these malicious sites promoted by SGE, Google has taken action to remove them from the search results for uncommon queries.

While this is a step in the right direction, it highlights the ongoing cat-and-mouse game between search engines and spammers.

Protecting Yourself from Google Search AI Flaw: Unsubscribing from Browser Notifications

Since many of the scam sites promoted by SGE rely on browser notifications to deliver their unwanted ads, it is crucial to know how to unsubscribe from them.

Here is a simple guide to unsubscribing from browser notifications in Google Chrome:

  • Open Google Chrome and go to Settings.
  • Navigate to Content settings and select Notifications.
  • Under “Allowed to send notifications,” you will find a list of sites you have subscribed to.
  • Click on the three dots next to the URL of each site and choose “Remove” to revoke the subscription.

By following these steps, you can stop receiving browser notification spam from these sites and reduce your chances from being exposed to scams and malware.

Conclusion

Google’s new AI-powered search results, intended to enhance the user experience, have inadvertently become a gateway to malware and scams.

The recommendations provided by Google’s SGE algorithm can lead unsuspecting users to malicious sites that push unwanted Chrome extensions, fake giveaways, browser spam subscriptions, and tech support scams.

It is crucial for users to remain vigilant, verify the information they encounter online. Remember to stay vigilant and exercise caution when browsing the internet. By being aware of the risks and taking necessary precautions, you can navigate the online world safely and protect your organization from scams and malware.

Frequently Asked Questions

1. How does Google’s new AI-powered search results promote malware and scams?

Google’s Search Generative Experience (SGE) algorithm recommends spammy and malicious sites within its conversational responses, leading users to sites that push malware, fake giveaways, browser spam subscriptions, and tech support scams.

2. What tactics do these malicious sites employ?

These sites often use the “.online” top-level domain (TLD), employ similar HTML templates, and perform redirects using the same sites. They trick visitors into subscribing to browser notifications, which then bombard users with unwanted ads and potentially expose them to scams.

3. How can browser notifications be dangerous?

Browser notifications allow scammers to send unwanted ads directly to users’ desktops, even when they are not actively browsing the malicious site. Users may unknowingly subscribe to these notifications and become targets of spam, fake giveaways, and tech support scams.

4. How can users protect themselves from these scams?

Users can protect themselves by unsubscribing from browser notifications. In Google Chrome, they can go to Settings, navigate to Content settings, select Notifications, and remove the subscriptions from the list of allowed sites.

5. What is Google doing to address this SGE AI issue?

Google is committed to combating spam and protecting users. They continuously update their systems and ranking algorithms to detect and prevent spam from infiltrating search results. They have also taken action to remove the malicious sites promoted by SGE from the search results for uncommon queries.

Related Articles

Daixin Ransomware Claims Omni Hotels Cyberattack

Daixin Ransomware Claims Omni Hotels Cyberattack

The Daixin Team ransomware gang has taken responsibility for a recent cyberattack on Omni Hotels & Resorts and is currently issuing threats to publish sensitive customer information unless a ransom is paid. This development comes after the hotel chain experienced...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

 

Subscribe To Our Newsletter

Sign up to our weekly newsletter summarizing everything thats happened in data security, storage, and backup and disaster recovery

You have Successfully Subscribed!