Google’s new AI search results promotes sites pushing malware, scams (Get off Google Chrome)
By Mayank Parmar March 25, 2024 07:32 AM
Google’s new AI-powered ‘Search Generative Experience’ algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams.
Earlier this month, Google began rolling out a new feature called Google Search Generative Experience (SGE) in its search results, which provides AI-generated quick summaries for search queries, including recommendations for other sites to visit related to the query.
However, as SEO consultant Lily Ray first spotted, Google’s SGE is recommending spammy and malicious sites within its conversational responses, making it easier for users to fall for scams.
BleepingComputer found that the listed sites promoted by SGE tend to use the .online TLD, the same HTML templates, and the same sites to perform redirects.
This similarity indicates that they are all part of the same SEO poisoning campaign that allowed them to be part of the Google index.
When clicking on the site in the Google search results, visitors will go through a series of redirects until they reach a scam site.
In BleepingComputer’s tests, the redirects most commonly lead you to fake captchas or YouTube sites that try to trick the visitor into subscribing to browser notifications.
Browser notifications are a common tactic scammers use to send visitors a barrage of unwanted ads directly to the operating system desktop, even when you’re not on the website.
Once we subscribed to some of the notifications, we began to receive spam with advertisements for tech support affiliate scams, fake giveaways, and other unwanted sites.
In one instance, we received an alert for McAfee antivirus that led to a site claiming our system was infected with ten viruses, urging the visitor to “Scan now to remove viruses” or renew their license.
However, these misleading ads are simply designed to sell McAfee licenses so the fraudsters can earn affiliate commissions.
Finally, and while not as common, BleepingComputer saw some of the redirects pushing unwanted browser extensions that perform search hijacking, and potentially other malicious behavior.
Other scams promoted by the SGE results lead to fake Amazon giveaways that pretend to be loyalty programs giving away an Apple iPhone 15 Pro.
These giveaway scams are used to collect your personal information, which will be sold to other scammers and direct marketers.
Article (https://www.bleepingcomputer.com/news/google/googles-new-ai-search-results-promotes-sites-pushing-malware-scams/)
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishline Training
“Where Service and Technical Skills Count”
