Google Chrome researchers want to make dodgy URLs a thing of the past.
The Google Chrome browser will soon include a tool that will warn internet users when they try to access fake websites that are using domain names to appear like the real deal.
Google Chrome engineer Emily Stark spoke at the Enigma security and privacy conference about the plans to roll out the new tool.
URLs often need a closer look
For many internet users, carefully examining the URL for tricks and typos that obfuscate its malicious intention is something that doesn’t happen.
For example, in a so-called ‘homograph attack’, a URL may read ‘Silic0nrepublic.com’ with a zero, as opposed to the correct version with the letter ‘o’.
Missing a sneaky alteration such as this could land users in trouble, with credential theft or other threats a real risk. Typosquatting is another method cybercriminals use, whereby they use a common misspelling of a domain name such as ‘googel.com’ to redirect users to malicious sites.
Less investigation for Chrome users
The new warning will take the pressure off the user to inspect when a URL is incorrect. Stark said: “What people are seeing in the URL bar really just isn’t helpful to them as a security mechanism.”
This warning could end up reducing instances of phishing, if it is heeded by Chrome users. A reduction in people entering usernames, card details and passwords may spell trouble for cybercriminals.
According to Google Chrome, the warning was designed to be informative as opposed to scary, and is still at the testing stage. If users want to keep going in the direction of the questionable site, they will have freedom to do so.
Stark told Wired: “What we’re really talking about is changing the way site identity is presented. People should know easily what site they’re on, and they shouldn’t be confused into thinking they’re on another site.
“It shouldn’t take advanced knowledge of how the internet works to figure that out.”
Google Chrome updates
Meanwhile, the latest edition of Google Chrome includes a variety of new features, including the addition of voice search on the mobile version of the browser for Android.
Chrome Settings has also been revamped in Version 72 with Autofill support, splitting Autofill into its own separate section for payment methods, passwords, addresses etc.
Pop-ups during page unloads have also been nipped in the bud, while users can now see their Tab History by long-pressing on their keyboard’s ‘back’ button.