Google Chrome Boosts Security: Real-Time Protection for Phishing Threats on Desktop and iOS

Google introduces new security and privacy updates for Chrome users on desktop and iOS. Real-time protection aims to detect and block 25% more phishing attacks. Enhanced password protection and alerts for weak and reused passwords added for iOS Chrome app users.

In today's digital world, online threats are a constant concern for users. Recognising the importance of protecting its users, Google has announced a significant update to enhance security and privacy for Chrome users on both desktop and iOS devices. These new features aim to improve the detection and prevention of phishing attacks, with Google claiming a 25% increase in the number of attacks that will be detected and blocked by the browser.

Time is of the essence when it comes to cyber security. According to Google's Chrome and Safe Browsing product managers, malicious sites used by cybercriminals to steal personal data and access finances typically exist for less than 10 minutes. This short window of opportunity poses a significant risk to users relying on technologies like Google's Safe Browsing feature. However, Google is determined to change the game by introducing an upgrade to its Safe Browsing protection, aiming to minimise this window of vulnerability.

Previously, Google's Safe Browsing feature relied on a list of known dangerous site addresses and files, which was updated every 30 to 60 minutes. This meant that malicious sites could come and go before users and Google were even aware of their existence. To keep up with the increasing pace of hackers, Google has now introduced real-time, privacy-preserving URL protection for Chrome users on desktop and iOS. Additionally, new password protections have been implemented on Chrome for iOS to further enhance user safety while browsing the web.

With over 5 billion devices running the Chrome browser, Google's Safe Browsing feature assesses more than 10 billion addresses and files daily, issuing over 3 million alerts to users. With the introduction of real-time protection, Google expects to block 25% more phishing attempts by promptly warning users of potential risks.

So, how does the new Chrome Safe Browsing feature work? The updated functionality, which will be available for Android users later this month, prioritises user privacy by utilising encryption and other privacy-enhancing techniques. This ensures that no one, including Google, knows which websites users are visiting. Previously, Chrome checked visited sites against a locally stored database of malicious sites, but now, checks are performed against a server-side list maintained by Safe Browsing. This list includes newly discovered malicious sites, allowing for real-time protection.

User identifiers are removed before the encrypted data is sent to the Safe Browsing server via a secure connection.

To preserve privacy, Google has partnered with the Fastly cloud platform to implement an Oblivious HTTP (OHTTP) privacy server. This server operates between Chrome and Safe Browsing, ensuring that Safe Browsing does not have access to users' IP addresses. The URL checks are mixed with those sent by other Chrome users, preventing Safe Browsing from correlating the checks with individual users' browsing activities.

For iOS Chrome app users, Google has introduced an update to the Password Checkup feature. This feature already flags compromised passwords found in dark web databases. Now, it also alerts users to weak passwords and reused passwords, providing an additional layer of protection.

• Google introduces new security and privacy updates for Chrome users on desktop and iOS

• Real-time protection aims to detect and block 25% more phishing attacks

• Enhanced password protection and alerts for weak and reused passwords added for iOS Chrome app users

Source: FORBES