We all love Google, quickly finding everything we need on the Internet. It has replaced dictionaries, encyclopedias, instruction manuals, newspapers and in many cases, even doctors. However, sometimes your search results aren’t the real thing and can be downright malicious.
Here’s how to search safely:
Pay attention to the URL in Google
Below every result title there’s a URL in green. No matter what the title says, this URL is where your click will take you. Unfortunately, cyber-criminals will often list their site with a familiar and trusted title but link you to their scam/malware pages.
One of our customers recently bought Office 365 and instead of typing office.com/setup, they searched for it on Google and ended up on something like setup.office-com.au... After entering the product key for the software they bought, they were told there is something wrong with it and they need to buy a $500 firewall to fix it!
Another example, you could be searching for your bank name (i.e., Kiwibank), but the URL will say something like online-bank-login.com/kiwibank. Not everybody knows what the URLs (links) should look like so it's easy to click on something like this when you are in a rush or not being careful!
When you visit the page, it might look exactly like your bank’s site and ask for your login details, which are then harvested for attack. While jibberish in the link is pretty easy to spot, sometimes they’ll take advantage of a small typo that you can easily miss. For example, www.klwibank.co.nz (notice l instead of i).
Notice Google search results vs paid ads:
Google does a pretty good job at making sure the most relevant and legitimate sites are at the top of the list. However paid ads will usually appear above them. Most of the time, these paid ads are also legitimate (and you can quickly check the URL to verify), but occasionally cyber-criminals are able to promote their malicious site to the top and catch thousands of victims before being removed.
Believe Google’s malicious site alerts
Sometimes Google knows when something is wrong with a site. It could be a legitimate site that was recently hacked, a security setting that’s malfunctioned, or the site was reported to them as compromised. When this happens, Google stops you clicking through with a message saying “this website may be harmful” or “this site may harm your computer”. Stop immediately, and trust that Google has detected something you don’t want in your house.
Turn on safe search
You can filter out explicit results by turning on Google Safe Search. While not strictly a cyber-security issue, it can still provide a safer Google experience. Safe Search is normally suggested as a way to protect browsing children, but it also helps adults who aren’t interested in having their search results cluttered with inappropriate links, many of which lead to high-risk sites. Switch Safe Search on/off by clicking Settings > Safe Search.
Use an Ad Blocker
Using an Ad Blocker can help your online experience safer and more enjoyable. There are many options, from free uBlock (our choice!) to paid AdGuard. These block most advertisements on the web and sometimes even intrusive Facebook and Youtube ads!