If you need more proof that generative AI has a long way to go before we can fully trust it, look no further than the search results from Google’s Search Generative Experience (SGE). Google announced the AI-powered Search feature in May and rolled out access in Search Labs shortly after. SGE offers AI-generated overviews alongside search results, and while this can be useful, it’s far less appealing when it redirects users to malicious websites.
Last week, SEO consultant Lily Ray spotted some suspicious suggestions when she conducted a quick search using Google’s SGE. After answering her question, SGE recommended multiple spammy and dangerous websites for her to visit related to her search.
After seeing Lily Ray’s tweet, BleepingComputer did some investigating and visited a few of the sites, which are reportedly all part of an “SEO poisoning campaign that allowed them to be part of the Google index.” If you click on one of the links, you’ll be redirected multiple times until you end up on a scam site. These sites often feature fake CAPTCHA challenges or fake YouTube videos and attempt to convince users to allow browser notifications.
BleepingComputer allowed browser notifications from several sites to see what would happen. They began receiving spam on their desktop with ads for tech support scams, fake giveaways, and a fake alert from McAfee antivirus about malware being detected.
In some instances, the endless redirects even pushed malicious browser extensions capable of hijacking searches and engaging in other dangerous behavior.
The good news is that Google acted quickly to remove some of the spammy results.
“We continue to update our advanced spam-fighting systems to keep spam out of Search, and we utilize these anti-spam protections to safeguard SGE,” Google told BleepingComputer after being made aware of the sites. “We’ve taken action under our policies to remove the examples shared, which were showing up for uncommon queries.”
That said, this doesn’t guarantee that other uncommon searches won’t dig up other scam sites or that scammers won’t find clever new ways around Google’s safeguards in the future. In the meantime, be vigilant about what you click, even if an AI suggests it.