Attackers are constantly trying to use phishing tactics to steal credentials and information from unsuspecting users. Now, in an effort to help protect users from “lookalike URLs,” Google is adding a feature to Chrome that helps filter out sites with URLs that are too similar to popular websites and have been deemed unsafe.
Nomad case for Pixel 3
First reported by ZDNet, this feature has actually been in testing since Chrome 70 hit the Canary channel. When enabled, the feature will keep an eye out for mistyped URLs which are close to another, popular website. For example, typing in “paypai.com” will trigger a banner which suggests that you might have meant to go to paypal.com.
Crooks using common misspellings of popular domain names is far from rare nowadays, with unicode characters also commonly used to mislead users. It’s unclear how widely Google will implement this feature, but the note that affect domains include “popular domains” and “domains with a site engagement score” hints that it will probably have fairly wide effects.
Users can already enable this through the flags in Chrome’s latest Canary release. Typing chrome://flags/#enable-lookalike-url-navigation-suggestions brings up the relevant toggle. Google says that the feature is close to being finalized as of January 29th, but it’s not totally clear when it will reach a stable release.
Image Credit: ZDNet
More on Google Chrome:
- Chrome 72 for Mac, Windows, Linux rolling out w/ revamped Google settings, kills Chromecast setup
- Google Chrome’s Manifest V3 proposal would stop Tampermonkey from working
- Google testing new URL copy and share buttons in Chrome for Android’s ‘search-ready’ omnibox