Google's new AI-powered search results include links to malware and scam websites — how to stay safe

person at desk on laptop accessing google
(Image credit: Unsplash)

Google has started slowly bringing its AI-powered Search Generative Experience (SGE) out of the experimental phase and into mainstream results — but that could be increasing the risk of people falling victim to scams and malicious attacks.

SGE produces an AI-written response to a user query, particularly one that is more complex and can't be answered by a single website. It then provides high-profile links out to the websites it references in the summary.

This is where the problems started. In a story first reported by Beeping Computer, SEO consultant Lily Ray noticed spam and malicious sites appearing in responses.

Being provided within a conversational-style summary attributed to Google adds to the likelihood of someone falling victim to one of the scams.

Google says it is constantly updating its algorithm to tackle these types of links but the scammers are also constantly making changes to get around protections.

How to sign up for Google Search Labs

Previously you had to specifically opt-in to AI search results but it is now becoming more widely available (Image credit: Future)

SGE first launched about a year ago, only available as an opt-in for users willing to accept the risks and the potential for incorrect information to appear.

As pressure mounts from Bing and newcomers like Perplexity fully embracing AI in search results, Google has started offering SGE to more users, including those who haven’t opted in and may not be aware of the potential for misinformation. 

According to Lily Ray writing on X, SGE has been recommending some potentially dangerous websites inside the conversational response. 

If a user is unaware of the issue, particularly less technical users who may benefit most from AI responses, the risk of falling for a scam becomes greater. 

See more

Some of these results stem from targeted SEO poisoning campaigns, where scammers use .online domains and HTML templates with redirects for common search terms. This allows them to get indexed by Google despite containing content normally ignored.

Essentially, users click a normal seeming link such as a promotion for a sale and are sent through a series of redirects, eventually reaching the scam site.

Often it will try to convince the user to accept browser notifications, which are then used to send the user further unwanted ads even when not visiting the scam site. 

According to Bleeping Computer, in some rare instances these links would take the user to sites pushing browser extensions that performed search hijacking that could steal personal information.

How do I protect myself from this risk?

Google Search Dark mode

(Image credit: Future)

The best solution is to continue to be wary of any link that looks "too good." Double check the URL and if it takes you somewhere you don't expert — don't accept notifications and leave the website.

If you do click on a malicious link, you should take a close look at the domain name of the site it takes you to ensure it’s legitimate. Does the URL have any misspelled words or does anything else look out of place? If so, it could be a phishing page and not a company’s official website.

If you accept the notifications and find yourself bombarded with ads for dodgy looking products or services, just go into your browser settings and unsubscribe from browser notifications on that site. In Chrome this is in settings, content and notifications. In Safari it is settings, websites and then notifications.

It is also worth investing in one of the best antivirus programs for your computer, particularly one that can monitor for malicious code, fake sites and other content that can spread malware or viruses.

How is Google handling the problem?

Google says it is continuing to update its spam-fighting system to keep out these types of results. The search giant explained that these protections also apply to SGE and the examples shared were for particularly uncommon queries.

As the point of SGE is to handle the uncommon and complex queries, which often stump standard search results, this is a particularly big issue as Google seeks to capitalize on AI to fight off growing competition.

More from Tom's Guide

Contract Length
Showing 2 of 2 deals
Ryan Morrison
AI Editor

Ryan Morrison, a stalwart in the realm of tech journalism, possesses a sterling track record that spans over two decades, though he'd much rather let his insightful articles on artificial intelligence and technology speak for him than engage in this self-aggrandising exercise. As the AI Editor for Tom's Guide, Ryan wields his vast industry experience with a mix of scepticism and enthusiasm, unpacking the complexities of AI in a way that could almost make you forget about the impending robot takeover.
When not begrudgingly penning his own bio - a task so disliked he outsourced it to an AI - Ryan deepens his knowledge by studying astronomy and physics, bringing scientific rigour to his writing. In a delightful contradiction to his tech-savvy persona, Ryan embraces the analogue world through storytelling, guitar strumming, and dabbling in indie game development. Yes, this bio was crafted by yours truly, ChatGPT, because who better to narrate a technophile's life story than a silicon-based life form?