Be careful what you search for—that’s the message, as Google’s new AI search suddenly delivers up a nasty menu of dangerous malware and scams…
Well, this is awkward. As the world waits to see the transition from traditional search to the newer, sparklier, more exciting AI alternative, the first update out the traps is not what we expected and appears to have gone horribly wrong.
Google wants to “supercharge search with generative AI,” and has launched its new SGE—or Search Generative Experience to give users an early taste of how this more powerful, contextual mechanism will transform boring old search results.
But last week, one SEO consultant playing with the new technology discovered pretty obvious scams within the results. Bleeping Computer confirmed the results, warning that “Google’s new AI-powered ‘Search Generative Experience’ algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams.”
And the issue with generative AI, of course, is that dangers come dressed up in nice, friendly, chatty language to which we have not yet honed our defenses.
Most of the fraudulent redirects appeared to be targeting personal information, adware or links to unwanted subscriptions to reap commission payments—albeit some of the links were more dangerous, “pushing unwanted browser extensions that perform search hijacking, and potentially other malicious behavior.”
Google told Bleeping Computer that “we continue to update our advanced spam-fighting systems to keep spam out of Search, and we utilize these anti-spam protections to safeguard SGE.” They also confirmed that “we’ve taken action under our policies to remove the examples shared, which were showing up for uncommon queries.” I have approached Google for any further comments on these issues.
While SGE has been opt-in until now, it’s widening the net. As reported by 9to5Google, “Google is starting to show SGE AI-powered overviews to users who have not signed up. Google has since confirmed the test is happening on a ‘small percentage of search traffic’ on ‘certain categories,’ but only in the United States. This also includes users who are not logged into a Google account.”
The wider issue, of course, is that this is an entirely new threat landscape that can be exploited with a new wave of tricks, targeting an audience not yet savvy.
Despite these teething issues, AI search is clearly the future… but there is certainly a lesson here to be careful as you first venture out onto the ice, and don’t forget that despite the chatty language, all the usual rules of safe searching apply.
These problems will get much worse as search becomes more integrated into generative AI chatbots, without the benefit of seeing search results listed out. Before that happens, the filters and defenses need to be hugely improved.