Google goes on the attack against Bard malware — here's how to protect yourself

Google Bard AI
(Image credit: Shutterstock)

Google has filed a lawsuit against scammers who impersonated its generative AI chatbot in an attempt to trick users into downloading malware.

Just like with OpenAI’s ChatGPT, scammers were quick to capitalize on the release of Google Bard earlier this year. Both AI tools weren’t immediately available to the public, and interested users needed to join a waitlist before getting access. In the meantime, scammers stepped in by promising fast access to both Bard and ChatGPT — for a price, of course.

According to a new blog post from Google, the search giant plans to take legal action against two groups of scammers that abused Bard online. While the first group leveraged the hype around generative AI to spread malware, the second allegedly weaponized the Digital Millennium Copyright Act (DMCA) to submit thousands of blatantly fraudulent copyright notices to harm the competition.

While fake copyright notices can be dangerous in their own right, tricking unsuspecting users into downloading malware when trying to access a service that is actually free is a worse offense in my opinion. Now that Google has filed a lawsuit in California against the scammers behind this campaign, this will likely become less of a problem going forward.

Still though, here’s what you need to look out for now when it comes to Google Bard scams online.

Abusing Facebook to spread malware

The scammers named in Google’s lawsuit used the wide reach and user base of Facebook to target unsuspecting users in their attacks.

They did this by creating several Facebook pages including “Google AI,” “AIGoogle,” and “AIGoogleBard.” To make these pages appear legitimate, they used Google’s logos, marketing colors and even pictures of the company’s CEO Sundar Pichai. 

Google Bard is entirely free to use online — you can access it here. However, the Facebook pages created by the scammers responsible encouraged people to “download” Bard instead. At the same time, they also ran ads on the social media network that encouraged unsuspecting users to do the same thing.

Both these fake Facebook pages and ads led people to malicious websites where they downloaded malware onto their computers instead of Google Bard. While Google hasn’t said which malware strain was used in these attacks, it did reveal that the malware was then used to steal their Facebook and other social media accounts.

How to stay safe when using generative AI tools

A woman looking at a smartphone while using a laptop

(Image credit: Shutterstock)

Creating a sense of urgency is one of the main ways that hackers, cybercriminals and even scammers trick people into falling for their schemes. In this case though, by hiding access to its generative AI tool behind a waitlist, Google did most of the work for the scammers.

For this reason, you always want to be extra careful when trying to gain access to a new tool or software product. If there’s a waitlist, then you want to be on the lookout for anyone saying they have a trick or hack to bypass it. Doing your own research is also important as a simple web search would have revealed that there currently isn’t a Google Bard app, so any Facebook page or ad suggesting you could download the new tool would be immediately suspicious.

To protect yourself from malware and other viruses that can end up on your computer from trying to get quick access to Google Bard or other new generative AI tools, you should be running one of the best antivirus software solutions on your PC. The same goes for your Mac with the best Mac antivirus software and for your smartphone with the best Android antivirus apps.

Scammers and other cybercriminals will likely continue to use these same tactics as new AI tools are released, so it’s up to you to do your due diligence when it comes to newly released products. 

More from Tom's Guide

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.