We all love our Google, quickly finding everything we need on the Internet. It’s replaced dictionaries, encyclopedias, instruction manuals, newspapers and in many cases, even doctors. However, sometimes your search results aren’t the real thing and can be downright malicious. Here’s how to search safely:
Pay attention to the URL in Google
Below every result title, there’s a URL in green. No matter what the title says, this URL is where your click will take you. Unfortunately, cyber-criminals will often list their site with a familiar and trusted title but link you to their scam/malware pages.
For example, the title could be your bank name (eg, Example Bank), which seems legitimate, but the URL could be www.baabpjhg.com which is obviously not your bank. Sometimes they’ll attempt to trick you by putting the real site into the link too, eg www.baabpjhg.com/examplebank.com which makes it even more likely to catch you when skimming through results quickly. When you visit the page, it might look exactly like your bank’s site and ask for your login details, which are then harvested for an attack. While jibberish in the link is pretty easy to spot, sometimes they’ll take advantage of a small typo that you can easily miss. For example, www.exampebank.com (missing the letter L).
Here is an example of a result you may find if you searched for “MSN Support’…Notice how that blue text seems to be what you want and even gives a phone number! But, note that the green text is ‘microsofttechsupportphonenumber.com’…an address that is obviously NOT actually Microsoft. If you were to visit this site or call this phone number you would get a person claiming to be with Microsoft. They would ask to connect to your computer, then proceed to show you ‘problems’ that need to be fixed, and charge money to do so. It’s all a scam and you would be surprised how many people still fall victim to this on a weekly basis (we get 3-4 calls a week).
Notice Google search results vs paid ads
Google does a pretty good job at making sure the most relevant and legitimate sites are at the top of the list. However paid ads will usually appear above them. Most of the time, these paid ads are also legitimate (and you can quickly check the URL to verify), but occasionally cybercriminals are able to promote their malicious site to the top and catch thousands of victims before being removed.
Here is an example of a search for ‘MSN’ Support’ again, this time you can see that the first FOUR links are actually ads as denoted by the little ‘Ad’ icon at the left side. These links would lead to a scam as described above. The first real link to Microsoft is at the bottom!
Believe Google’s malicious site alerts
Sometimes Google knows when something is wrong with a site. It could be a legitimate site that was recently hacked, a security setting that’s malfunctioned, or the site was reported to them as compromised. When this happens, Google stops you clicking through with a message saying “this website may be harmful” or “this site may harm your computer”. Stop immediately, and trust that Google has detected something you don’t want in your house. We recommend that you use Google Chrome as your browser of choice because this function works even better then.
This is an example of the malware warning when using Google Chrome. If you see this message, DO NOT TRY TO GET AROUND IT…it is there for a reason!
Turn on safe search
You can filter out explicit results by turning on Google Safe Search. While not strictly a cyber-security issue, it can still provide a safer Google experience. Safe Search is normally suggested as a way to protect browsing children, but it also helps adults who aren’t interested in having their search results cluttered with inappropriate links, many of which lead to high-risk sites. Switch Safe Search on/off by clicking Settings > Safe Search.
This is what the menu to switch SafeSearch on and off looks like. I have SafeSearch on, so the option is to turn it off in my example, but if you have it off, the option will be to turn it on.