As phishing is getting better, Google engineers are exploring ways to help users better identify potentially malicious URLs. Google Chrome is currently testing a new warning to mark these types of domains, CNET announced.
This feature was highlighted this week by Emily Stark, a Google Chrome security engineer who spoke Tuesday at the Enigma Conference in Burlingame, California. According to CNET, the tool would essentially flag incorrectly typed URLs or shadow domains that want to mislead web users by mimicking the addresses of other websites – a tactic used to manipulate users to share a payment or other personal information. When this happens, the tool will prompt users to target a two-level or schematic URL instead of redirecting to a legitimate URL. CNET Announces:
The new alert that is still being tested warns consumers that they are not targeting a popular website or website they've been engaging in the past. If the user wants to keep going in that direction, he can click "ignore". Stark said her team wants to raise a banner for consumers without overestimating the dangers.
According to Stark, URLs are simply not as effective as red flags for consumers, as they should be (especially on mobile devices), especially with the increasingly disguised tricks in the game. A recent malicious phishing practice test from Google's subsidiary and Alphabet Jigsaw, for example, cheated one of Gizmodo's writers in two of the eight examples. These examples are based on legitimate phishing scams that Google encountered and include everything from fake documents and PDFs to schematic domains – some of which are extremely convincing.
We know that Google is working to fix this problem for as long as now. Speaking with Wired in September, Google software engineer Adrian Porter Felt said the company is trying to "move to a place where web identity is understandable to everyone – they know who they are talking to when they use a website and can do that , Filt said, Google will have to study the "big changes" in URL displays.
ZDNet announced on Wednesday that Google has actually tested the Navigation suggestions for Appearance URLs since last year's Chrome Canary 70. The site noted that users can activate it as an experimental feature in Chrome Canary, as well as the robust version of Chrome, but added that the Stable Mode feature failed to find the same URLs that Canary had chosen, which means Google engineers are still refining their URL detection system before it's officially published . Users can find the experimental feature here: chrome: // flags / # enable-lookalike-url-n Navigation suggestions
A Google spokesman told Gizmodo that he is still working on the feature and that there is no official release date yet.