Phishing is a common hacking method where attackers trick victims into clicking on malicious links and typing in their login credentials. It can also be used to steal the username and password of the victim to access their personal data or make financial transactions. The malicious pages are often exact copies of a well-known site, making it difficult to spot – and easy to fall for.
With the number and sophistication of phishing attacks on the rise, Google has come up with a live alert-system to warn users against potential phishing links through its Chrome browser.
The tech giant has realised that its current system, where a list of flagged suspicious sites are checked against the users visited URLs every 30 minutes, could potentially be bypassed by experienced attackers.
In a blog post, Google wrote, “We’re noticing that some phishing sites slip through our 30-minute refresh window, either by switching domains very quickly or by hiding from Google’s crawlers”.
Google, therefore, plans to change its methods by checking each site visited on its Chrome browser against a list of safe websites. If the site is not on its ‘safe-list’, Google said it will automatically reference the URL to determine if it’s dangerous.
So, whilst the feature was previously available for Chrome’s Safe Browsing mode where the URLs are checked locally every 30 minutes, it will now be checked in real-time for stronger security.
But does this mean Google will be keeping a log of every URL you visit? According to the tech giant, no. Google has stated that instead of checking the full URL, it only checks an encrypted version of the link, meaning that the company doesn’t see the actual URL that you are visiting.
Not only will Chrome check URLs for malicious behaviour, but users who enter their passwords into sites found to be malicious or that have been deemed malicious will now also be warned by Google’s predictive phishing protection. The company commented,
“If this check determines that the site is indeed suspicious or malicious, Chrome will immediately show you a warning and encourage you to change your compromised password. If it was your Google Account password that was phished, Chrome also offers to notify Google so we can add additional protections to ensure your account isn’t compromised.”
You can turn on the new feature by enabling the ‘Make searches and browsing better’ feature in Chrome settings.
What do you think of Google Chrome’s new phishing feature? Let us know your thoughts @hyve!
More articles in Blog
- What is Hybrid Cloud?
- Why the healthcare sector is embracing hybrid cloud
- How can businesses use the cloud to reduce their carbon emissions?
- 3 public sector cybersecurity threats – and how to prevent them
- Why digital agencies need a managed hosting provider
- 5 ways the cloud saved education during the pandemic
- Hyve Managed Hosting wins “Company of the Year” at the Brighton and Hove Business Awards
- Is it about time the insurance sector embraced the cloud?
- The importance of ISO 27001
- Cloud Security: An Essential Guide
- On premise vs. the cloud: What is the future for the financial sector?
- Is your hosting provider solving your big data problems?