Right here’s methods to keep away from being hit by fraudulent web sites that scammers can catapult on to the highest of your search outcomes
10 Apr 2025
•
,
4 min. learn
When was the final time you looked for one thing utilizing Google Search, Bing or one other gateway to the infinite expanse of the web? What a foolish query, proper? It might have been simply moments in the past and maybe it’s even the way you landed on this blogpost.
Others looking on-line, nevertheless, might encounter much less favorable outcomes. How so? Our behavior of blindly trusting and clicking on high search outcomes has develop into so predictable that it may be subverted and turned towards us.
Rigging the sport
Cautionary examples aren’t laborious to return by, and I recall one that’s too quirky to not point out: some Australians who lately looked for one thing as innocuous because the legality of Bengal cats within the nation didn’t obtain simple info on pet rules; as a substitute, they unwittingly ran the danger of getting their knowledge stolen following a sequence of occasions that began with a click on on a high search engine end result.
However even should you’re not a cat fancier, you must know that even a easy search question might breed bother. Some cybercriminals have for years been utilizing strategies that may push malicious web sites dressed as much as look legit into the highest of individuals’s search outcomes, usually leveraging both website positioning poisoning (also called black hat website positioning) or, much more generally, malicious search advertisements.
One subtle instance of ‘website positioning fraud as a service’ was uncovered by ESET researchers in 2021 after they discovered a beforehand undocumented server-side trojan that manipulated search engine outcomes by hijacking the popularity of the web sites it compromises. Related campaigns have been noticed once more simply weeks in the past.
In one other instance, ESET researchers recognized a marketing campaign that deployed advertisements in Google search outcomes main victims to phony web sites that regarded an identical to these of well-liked software program, resembling Firefox, WhatsApp, or Telegram. The top aim was to realize full management of the compromised gadgets.
Determine 1. A pretend web site mixing in search outcomes for Firefox and concentrating on Chinese language audio system (picture credit score: landiannews.com)
The dangers aren’t misplaced on Google, in fact. In response to its newest Advertisements Security Reportin 2023 the corporate “blocked or eliminated over 5.5 billion advertisements, barely up from the prior yr, and suspended 12.7 million advertiser accounts, almost double from the earlier yr.”
Some threats nonetheless slip by means of, nevertheless. Which is why it pays to know concerning the dangers concerned in each natural and paid search outcomes, and methods to separate the wheat from the chaff.
Hidden in plain sight
The latest meteoric rise of AI instruments, for one, has created new searching grounds for scammers, sparking schemes the place fraudsters purchased advertisements for counterfeit ChatGPT websites that redirected folks to web sites harvesting bank card particulars. The positioning beneath displayed logos of precise OpenAI companions, presumably duping even many tech-savvy victims. A lot the identical factor occurred with different AI instruments, together with most lately when DeepSeek burst onto the scene.
Determine 2. Pretend ChatGPT websites showing in advertisements
ESET researchers in Latin America lately noticed a complicated marketing campaign that impersonated the La Veloz del Norte bus firm campaigns and focused Argentinians who seek for long-distance bus tickets. Vacationers who entered their info on the imposter web site unwittingly handed over each login credentials and banking particulars to cybercriminals.
Determine 3. Hyperlinks to this bogus web site appeared in Google Search
Monetary companies characterize notably high-value targets. In 2022, ESET researchers in Latin America alerted folks to scams impersonating Mastercard by means of advertisements.
Determine 4. Mastercard impersonators
Staying protected
Most of all, keep in mind that prominence in search outcomes doesn’t mechanically equate to legitimacy. Additionally, likelihood is excessive that many individuals don’t at all times distinguish between natural outcomes and advertisements, and criminals benefit from this particularly by means of malvertising campaigns aimed toward individuals who, for instance, seek for software program.
In some instances, fraudsters might register a typosquatting or similar-looking top-level area to that of the software program writer with a view to dupe the sufferer, as was the case right here with telegraem(.)org. Which is why you must keep away from blindly clicking on no matter seems on the high of your search web page. As a substitute, study the URLs meticulously and look out for any indicators that one thing is amiss. Apply the identical degree of scrutiny should you’re utilizing Google’s AI search options, as scammers are continuously evolving their strategies and discover new methods of selling web sites that push scams and malware.
Shield your digital accounts with robust and distinctive passwords or passphrases, in addition to with two-factor authentication. Use respected safety software program that may determine and block connections to malicious domains, thus offering an extra layer of safety towards misleading search outcomes.
Additionally, Google itself affords instruments to examine the outcomes, resembling accessing particulars by clicking the three dots adjoining to sponsored listings, which might expose discrepancies between claims and the true id. In case you suspect that you’ve got encountered a dodgy web site, you’ll be able to report it to Google.
Conclusion
We’ve all executed it one million occasions: typed a question, scanned outcomes, clicked on one among them, ‘acquired our fill’, and moved on. And though traditional search engines like google more and more compete with the likes of ChatGPT and AI-generated search summaries, the traditional search-and-click routine is unlikely to go wherever any time quickly. Outdated habits die laborious, and the dangers aren’t going wherever, both. Search fastidiously.
