AI-powered search features have changed how people access information, but they’re seldom foolproof. While convenient, these tools can lead you straight to a phishing site if you’re not careful. That’s why knowing how to spot suspicious links is essential to protecting yourself online.
How AI Search Results Are Suggesting Scam Sites
AI tools can expose users to phishing scams and risks in numerous ways. For instance, if you ask an AI-powered chatbot for registered URLs of different businesses, it might return links that look legitimate but don’t belong to the brands. Some of these domains could be inactive or might even have been taken over by cybercriminals.
Likewise, some AI tools, like Google AI Overviews, display clickable links as part of the response. Users in the past have found Overviews displaying links to fake sites posing as Craigslist, for example. It’s fairly easy to check where Google AI Overviews gets the information it’s giving you, but you’ve got to be mindful about vetting the URL before you click it.
More recently, Overviews has even surfaced scam support numbers as if they were legitimate businesses. Since AI tools like Google Overviews function by summarizing information across the web, phishing links disguised as legitimate links could end up slipping through as well.
How to Protect Yourself From Fake Links in AI Chats
If you use AI platforms, there are a few ways to protect against the risk of fake or dangerous links. For instance, you can force ChatGPT Search to use high-quality sources. However, despite this, it’s a good idea to practice a few safety checks to ensure you don’t accidentally end up on a scam site.
1. Double Check URLs
A scam site address might appear identical to the brand’s original URL. Any differences are usually very minor, since cybercriminals are hoping to trick unsuspecting users into overlooking them. For example, they might add an extra world like “login” to the domain, or you might find an extra letter slipped in (or a letter missing).
These changes can be hard to spot. But the best way to ensure a link is safe is by taking the time to check the URL before you click. If you notice any inconsistencies, don’t navigate to the site.
2. Make Sure the Site Uses HTTPS
A secure website will always use HTTPS, which you can detect by looking for the padlock icon and a “Connection is secure” message within your browser (select the icon on the left of the address bar). You can also just double-click the URL in the address bar to check if it begins with “https://.”
On the flip side, if you notice that the site you’ve been suggested starts with “http://,” it might be best to just skip it altogether. Legitimate brands almost always secure their domains. If you end up on a site that lacks this basic protection, leave as soon as you can and avoid entering any details.
3. Don’t Rely on AI Answers/Search Results
AI-generated answers are undoubtedly convenient. Rather than browsing multiple websites on a regular search engine, AI tools summarize the information you want and provide you with direct links that you can use for further research. The issue is that these links aren’t always vetted, so you can’t be sure if they’re safe.
Some links might lead to outdated pages, while others might lead you to malicious sites designed to steal your information or infect your device with malware. Given this, it’s a good idea not to completely rely on AI-generated answers. If you use AI platforms for your research, it’s best to treat the responses and any included links as a starting point.
4. Look at Search Results on Regular Search Engines
If you’re unsure about the URLs shared by an AI platform, check what comes up on a regular search engine. For instance, if you’ve asked for the login URL to a popular brand, double-check that the link is accurate using a traditional search engine like Google or Bing.
If you don’t see the same link appear in the search results, that’s a clear indication that the URL generated by the AI platform might be unreliable and unsafe.
5. Use a Link Checker
There are several sites that will let you check if a link is safe. If you have your doubts, but can’t ascertain whether a URL is legitimate just by looking into it, paste it into a link checker to find out.
Most of these tools will scan the URL and provide you with a safety report that indicates if the URL is risky. If you’re dealing with a shortened URL, you’ll want to first use a URL expander tool. Once you can see the full URL, you can verify if it is safe.
As AI platforms and search tools continue to evolve, we can hope that they become better at weeding out malicious sites before they reach the end user. However, a 2025 Netcraft study highlighted just how unreliable AI tools are currently.
When asked to generate the login URLs to well-known platforms, a whopping 34% of the links were incorrect. Nearly 30% of those domains were parked, inactive, or unregistered, making it easy for cybercriminals to take over. Given that we seem to have a long way to go before AI can reliably filter out spam sites, it’s best to take steps to keep yourself safe.
