Google’s new AI search results promotes sites pushing malware, scams


Google’s new AI-powered ‘Search Generative Experience’ algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams.

Earlier this month, Google began rolling out a new feature called Google Search Generative Experience (SGE) in its search results, which provides AI-generated quick summaries for search queries, including recommendations for other sites to visit related to the query.

However, as SEO consultant Lily Ray first spotted, Google’s SGE is recommending spammy and malicious sites within its conversational responses, making it easier for users to fall for scams.

Google AI overviews pushing spam
Google AI overviews pushing spam
Source: Lily Ray

BleepingComputer found that the listed sites promoted by SGE tend to use the .online TLD, the same HTML templates, and the same sites to perform redirects.

This similarity indicates that they are all part of the same SEO poisoning campaign that allowed them to be part of the Google index.

When clicking on the site in the Google search results, visitors will go through a series of redirects until they reach a scam site.

In BleepingComputer’s tests, the redirects most commonly lead you to fake captchas or YouTube sites that try to trick the visitor into subscribing to browser notifications.

Spam website mimics YouTube to push notification
Spam website mimics YouTube to push notification
Source: BleepingComputer

Borwser notifications are a common tactic scammers use to send visitors a barrage of unwanted ads directly to the operating system desktop, even when you’re not on the website.

Once we subscribed to some of the notifications, we began to receive spam with advertisements for tech support affiliate scams, fake giveaways, and other unwanted sites.

Browser notification spam promoting affiliate scams
Browser notification spam promoting affiliate scams
Source: BleepingComputer

In one instance, we received an alert for McAfee antivirus that led to a site claiming our system was infected with ten viruses, urging the visitor to “Scan now to remove viruses” or renew their license.

Tech support scam pushing antivirus scans
Tech support scam pushing antivirus scans
Source: BleepingComputer

However, these misleading ads are simply designed to sell McAfee licenses so the fraudsters can earn affiliate commissions.

Finally, and while not as common, BleepingComputer saw some of the redirects pushing unwanted browser extensions that perform search hijacking, and potentially other malicious behavior.

Other scams promoted by the SGE results lead to fake Amazon giveaways that pretend to be loyalty programs giving away an Apple iPhone 15 Pro.

These giveaway scams are used to collect your personal information, which will be sold to other scammers and direct marketers.

Free iPhone 15 Pro giveaway scam
Free iPhone 15 Pro giveaway scam
Source: BleepingComputer

What makes this trickier is how Google’s AI answers search queries in a conversational tone, pushing websites to visit for more information. Since SGE links to websites within the answers, this can make the malicious sites seem more believable and trustworthy.

Google AI overviews
Google AI overviews (SGE) pushing Amazon Gift Card scam websites
Source: Simon Panting

It is unclear how these low-quality sites are making it into Google’s AI-powered search algorithms.

However, as AI becomes a more significant part of how we search online, it is becoming increasingly clear that we cannot automatically trust the information these algorithms produce and must verify sites before visiting them. 

Google told BleepingComputer that they continuously update their systems and ranking algorithms to protect against spam. However, spammers also evolve their techniques to evade detection and get their content into the search index, making this a game of cat and mouse.

“We continue to update our advanced spam-fighting systems to keep spam out of Search, and we utilize these anti-spam protections to safeguard SGE,” Google told BleepingComputer.

“We’ve taken action under our policies to remove the examples shared, which were showing up for uncommon queries.”

Remove Google Chrome notification spam

As most of the scam sites promoted by SGE lead to unwanted browser notification spam, learning how to unsubscribe from them is essential.

To unsubscribe to browser notifications from a site, you can open the notifications settings page in your browser to see a list of sites that you are subscribed to.

For Google Chrome, you can do this by following these steps:

  1. Open Chrome > Settings > Content > Notifications.
  2. Under “Allowed to send notifications“, you will see a list of sites that you have subscribed to browser notifications. For each one, click on the the three dots next to the URL and select Remove to revoke the subscription.

    Chrome notifications

Once done, you will no longer receive browser notification spam from these sites.





Source link