Google expands Chrome’s anti-phishing tools as hackers’ obsession with credentials continues
Google says it will now warn users when they are potentially visiting a phishing page in the Chrome browser, a plan that coincides with a wider company effort to alert people when they are being targeted by state-sponsored cyberattacks and other threats to their digital identity.
In a blog post Tuesday Google said it would expand “predictive phishing protection” in the Chrome browser. The goal is to check in real-time if scammers are leveraging websites, advertisements, chat apps or other channels to try to steal Chrome users’ credentials. The effort marks an improvement from the previous option, in Google’s Safe Browsing mode, which relied on a block list that Google updated every 30 minutes.
It’s also the latest example of a technology company trying to mitigate the risks associated with usernames and passwords as means of validating a user’s identity. While biometric authentication has become common on smartphones, Microsoft also has added functionality to its Windows 10 operating system to help encourage users to go password-less. Meanwhile Mozilla has pushed password managers, and offers an extension to alert users when they’re using insecure credentials.
“When you visit a website, Chrome checks it against a list stored on your computer of thousands of popular websites that are known to be safe,” the blog post said. “If the website is not on the safe-list, Chrome checks the URL with Google (after dropping any username or password embedded in the URL) to find out if you’re visiting a dangerous site.”
The change has resulted in a 30% uptick in protections for users who visit malicious sites, the company said. Hackers had previously proven capable of creating phishing pages fast enough to defeat the 30-minute window in Safe Browsing, Google added.
Google also announced the Password Checkup extension, which warns users when they’ve entered credentials that previously were made public in prior data breaches, will become part of the Chrome browser. That extension, first unveiled in February, aimed to make it more difficult for hackers to compromise users who rely on password reuse to breach multiple accounts belonging to a single individual.
Word of these plans, to be included in Chrome following Tuesday’s release of version 79, came two weeks after Google’s Threat Analysis Group said it sent 12,000 notifications to users in 149 countries between July and September informing them they targeted by state-sponsored hackers. That figure was within 10% of the number of warnings Google sent during the same period in 2018 and 2017.
The overwhelming majority of that targeting involved attempts to steal an individual’s credentials in order to break into their account. The Threat Analysis Group said it also plans to reveal more technical details on contextual data on state-sponsored campaigns in the future.