Google’s AI-Powered Search Feature Recommending Scam Sites, Redirects Users to Malicious Content
Google’s new AI-powered ‘Search Generative Experience’ algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams.
Earlier this month, Google introduced a new feature known as Google Search Generative Experience (SGE) in its search results, offering AI-generated quick summaries for search queries along with recommendations for related sites to visit. However, concerns have been raised as SEO consultant Lily Ray discovered that Google’s SGE is recommending spammy and malicious sites within its conversational responses, increasing the risk of users falling for scams.
Upon investigation by BleepingComputer, it was found that the listed sites promoted by SGE often share similarities in terms of their domain ending with .online, HTML templates, and redirect tactics. This indicates that they are part of the same SEO poisoning campaign and have managed to be included in Google’s index.
Clicking on these suggested sites in Google search results leads visitors through a series of redirects, ultimately landing them on scam sites. These scams range from fake captchas to YouTube-like pages tricking visitors into subscribing to browser notifications, which can then be used to bombard users with unwanted ads even when they are not on the site.
Some of the redirects lead to sites promoting unwanted browser extensions that hijack searches or other malicious activities. Additionally, other scams include fake Amazon giveaways offering an Apple iPhone 15 Pro, which are actually ploys to collect personal information for sale to scammers and marketers.
The danger lies in AI-powered search responses that appear conversational, making the recommended sites seem more credible and trustworthy. It remains unclear how these low-quality sites manage to bypass Google’s algorithms, but it serves as a reminder to verify websites before visiting them, especially as AI plays a larger role in online searching.
Google has reassured users that they are constantly updating their systems and ranking algorithms to combat spam and protect against such scams. They have taken action to remove the examples shared by BleepingComputer, which were appearing for uncommon queries.
To combat the issue of unwanted browser notification spam from these scam sites, users are advised to unsubscribe from notifications by accessing the settings page in their browser. For Google Chrome users, steps to remove these notifications include navigating to Chrome Settings, then Content, and finally Notifications to revoke subscriptions from unwanted sites.
As the battle between spammers and search engines continues, it’s crucial for users to remain vigilant and verify the legitimacy of websites before engaging with them.
