by Martin Brinkmann on January 31, 2019 in Google Chrome – 1 comment
Google Chrome may soon warn users when they visit what Google calls lookalike URLs. Lookalike URLs is a loose term that describes site addresses that look very similar to the domain of an authoritative or popular site.
Google does not seem to distinguish between purpose when it comes to the definition of lookalike URLs; the Google Chrome feature displayed warnings or different types of URLs, e.g. URLs that were not registered but still look similar to popular URLs, but also when visiting URLs that are registered and load sites when accessed.
Phishing attacks, a common form of threats on the Internet designed to steal account credentials and other important data, use lookalike domain names often to make the attack — posing as a different site — more effective.
Chrome: Navigation suggestions for lookalike URLs
Chrome’s algorithm determines whether URLs are potential lookalike URLs. The web browser displays a “did you mean to go to [URL]” notification at the top of the page if the algorithm determined that the visited URL is likely not the intended target of the user.
Isn’t that what Chrome’s phishing protection aims to do? Yes, and no. Phishing protection protects users against reported phishing sites while the new security feature against sites that are potentially dangerous.
The security feature is hidden behind a flag currently. The flag is available in all versions of Chrome that Google supports but it works only in Canary versions of the browser (maybe Dev as well, not tested).
Here is what you need to do to enable it:
- Load chrome://flags/#enable-lookalike-url-navigation-suggestions in the browser’s address bar.
- Switch the status of the flag to Enabled (from default).
- Restart the Chrome web browser.
Chrome will display the “did you mean to go to” notifications when you visit a lookalike URL after the restart. Note that the browser does not catch all lookalike URLs but only select ones. Google is probably still working on the determination algorithm as it is not always clear why one URL is detected as a lookalike while another, very similar URL, is not.
Closing Words
The feature is experimental at the time of writing which means that Google may change it or remove it entirely in the future.The highlighting of lookalike URLs is mostly useful to inexperienced users in my opinion. It could prevent them from entering credentials and other important information on sites, and to interact with these lookalike sites provided that they act and don’t ignore the message.
Now You: Is the lookalike URL warning a good thing?