Google is now warning users in real-time if websites they are visiting are being used by hackers to ‘phish’ for personal details
- New phishing protections now monitor users’ safety in real-time
- Google will check sites that aren’t on its list of safe URLs automatically
- If suspicious Google will warn users and offer them suggestions
- Another feature will also warn if users are entering password data into bad sites
Google is upping its efforts to safeguard users against phishing scams with a new real-time alert system.
In a blog post on Tuesday, Google said it will expand on its current system that checks a reference list of flagged sites against URL’s the a users has visited once every 30 minutes.
According to the tech giant, while the standard has worked to mitigate many phishing scams, which involve using phony web pages and online forms to hoover users’ personal data, the number and sophistication of sites has exploded in recent years.
Google will monitor whether users are at risk of getting phished in real-time by reference visited URLs against a list of safe sites (Stock photo)
That influx of more slippery sites has made it difficult to properly document them, Google says.
‘We’re noticing that some phishing sites slip through our 30-minute refresh window, either by switching domains very quickly or by hiding from Google’s crawlers,’ Google wrote in a blog post.
Now, Google says it will change its methods by checking each site visited on its Chrome browser against a list of safe websites.
If the site is not on its ‘safe-list’ Google said it will automatically reference the URL to determine if it’s dangerous.
‘These new protections can inspect the URLs of pages visited with Safe Browsing’s servers in real time,’ Google wrote.
‘When you visit a website, Chrome checks it against a list stored on your computer of thousands of popular websites that are known to be safe.’
In addition to the real-time checks, Google said it will also expand its predictive phishing protections.
Phishing sites attempt to trick users into entering sensitive information into malicious web pages and forms, including passwords or other personal data (Stock photo)
Specifically, Google will now warn users who enter their passwords into a site found to be malicious or one that has been deemed malicious.
This feature has existed prior to this week but was only available to those who had Google Chrome’s syncing feature enabled, but is now available to all users.
‘If this check determines that the site is indeed suspicious or malicious, Chrome will immediately show you a warning and encourage you to change your compromised password,’ Google said,
‘If it was your Google Account password that was phished, Chrome also offers to notify Google so we can add additional protections to ensure your account isn’t compromised.’