Earlier this week, an alert went out on a popular PC subreddit, warning AMD graphics card owners of a malicious website. The way you would stumble onto the site? Clicking on the first search result in Google for “amd driver.”
The link of course was not one picked by Google’s normal search engine algorithm. It was instead an advertisement sitting in the very first search result slot—but labeled so discreetly that an otherwise conscientious new Radeon owner could be duped.
These text-based advertisements aren’t a new feature to Google, but their extremely discreet label and styling allow even old internet hands to click when distracted or in a hurry. They don’t appear consistently either, adding difficulty in remembering when to avoid the very first result for a search. This scummy tactic is also not a new development in the world of malware. Hackers and scammers have always tried to use text-based ads to get hooks into our PCs and private data.
But though Google has long had the opportunity to better protect its users, the company has continually left consumers to dodge hazards on their own. Reporting malicious ads is the only way to try to scrub them from search results—and there’s always more to take their place. It’s not the only search engine that does this, either. In fact, while we couldn’t replicate this particular issue in Google (possibly because the good citizens of Reddit reported that ad into oblivion), we did in Bing at the time this article was written. Thanks, Microsoft.
Unfortunately, we’ll be stuck with this issue for years to come, if the past is any indication. So don’t allow yourself to grow lax, even as web browsers and antivirus software improve their security screening. You can take these three steps to guard yourself:
Always check the address of the link you’re clicking. It’s the best way to verify you’re going to an official site. If you can’t see the full URL, hover your mouse over the text link and it’ll appear at the very bottom left of your browser tab.
Scroll down the list of results. Text ads for legit companies will appear again as normal search results, often within the top five.
Don’t click on results labeled as ads. Can’t fall for malicious fake ads if you don’t click on any ad links!
Report malicious links as you see them. Notifying Google of problematic links makes search results safer for everyone on the web. Complain to Google about it, too. Just because the company outsources their screening to us doesn’t mean we have to put up it silently.
Alaina Yee is PCWorld's resident bargain hunter—when she's not covering PC building, computer components, mini-PCs, and more, she's scouring for the best tech deals. Previously her work has appeared in PC Gamer, IGN, Maximum PC, and Official Xbox Magazine. You can find her on Twitter at @morphingball.