Windows 10 News and info | Forum

Social Media - Search Engines - Browsers => Browsers: IE11, IE10, IE9, Firefox, Firefox Mobile, Google Chrome, Safari, Opera => Topic started by: javajolt on February 03, 2019, 11:27:22 PM



Title: Chrome to Display Warnings About Similar or Lookalike URLs
Post by: javajolt on February 03, 2019, 11:27:22 PM

Google is adding a new feature to Google Chrome that will warn users about similar, or lookalike, URLs that a user may visit thinking they are going to the normal site. This feature is designed to warn users when they visit typosquatting domains, IDN homograph Unicode attacks, scams, and phishing sites.

In the current Canary builds of Chrome 74, a new experimental feature has been added that will alert users that they are visiting a URL that may be pretending to be or acting as a "lookalike" to a legitimate URL. Examples include URLs like appl3.com, tw1tter.com, or m1crosoft.com.

When users go to these URLs, Chrome will display a warning under the address bar stating "Did you mean to go to [ url ]?". For example, you can see that when we tried to go to the appl3.com URL it asks "Did you mean to go to http://apple.com/?".

[Image: Lookalike URL warning]

By default, this feature is only available in the Chrome Canary builds for Chrome 74. To test the lookalike feature, you can download Chrome Canary and enter chrome://flags into the address bar.

At the Experiments page, search for lookalike and then change "Navigation suggestions for lookalike URLs" to Enabled. You will then be prompted to relaunch the browser as shown below.

[Image: Navigation suggestions for lookalike URLs Chrome Flag]

Once the flag is enabled, you can play around with the feature by adding typos to domains.

A Warning may be coming as an interstitial

A new Chromium Gerrit post (http://chromium-review.googlesource.com/c/chromium/src/+/1450263) indicates that these lookalike warnings may be moved to their very own browser interstitial (http://www.bleepingcomputer.com/news/security/internal-chrome-page-shows-all-google-interstitial-warnings/) instead. Chrome uses interstitial pages to display warnings to users before they actually visit the requested site.

[Image: Chromium Gerrit Post]

A common interstitial that Chrome users see is the one displayed when Google's Safe Browsing detects a malicious site, as shown below.

[Image: Malicious site interstitial]

Based on the Chrome Gerrit post, Google aims to make a similar interstitial for the lookalike feature.

source (http://www.bleepingcomputer.com/news/software/chrome-to-display-warnings-about-similar-or-lookalike-urls/)
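
To make the lookalike idea concrete for defenders reviewing visited hostnames, here is an added example that is not part of the original post and is not Chrome's implementation. It flags ASCII character-swap and one-character typo variants of a protected list; the `PROTECTED` list, the `SWAPS` table and all function names are assumptions made for illustration, and IDN homographs are out of its scope.

```javascript
// Added example: a simplified lookalike check, not Chrome's algorithm.
// PROTECTED is a constructed list; SWAPS is an assumed substitution table.
const PROTECTED = ["apple.com", "twitter.com", "microsoft.com", "google.com"];
const SWAPS = { "0": "o", "1": "l", "i": "l", "3": "e", "4": "a", "5": "s", "7": "t" };

// Lowercase, drop a trailing dot and a leading "www." label.
function normalize(host) {
  return host.toLowerCase().replace(/\.$/, "").replace(/^www\./, "");
}

// Fold visually confusable characters so "appl3" and "apple" compare equal.
function skeleton(host) {
  return [...normalize(host)].map((c) => SWAPS[c] || c).join("");
}

// Levenshtein distance using two-row dynamic programming.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Returns { suggestion, reason } for a suspected lookalike, or null.
function checkLookalike(host, protectedDomains = PROTECTED) {
  const h = normalize(host);
  if (protectedDomains.includes(h)) return null; // the genuine site
  const s = skeleton(h);
  const swap = protectedDomains.find((d) => skeleton(d) === s);
  if (swap) return { suggestion: swap, reason: "character-swap" };
  const typo = protectedDomains.find((d) => editDistance(skeleton(d), s) <= 1);
  return typo ? { suggestion: typo, reason: "typo" } : null;
}

// Constructed sample of visited hostnames (for example, from a proxy log).
const visited = ["appl3.com", "tw1tter.com", "m1crosoft.com", "twiter.com",
                 "www.apple.com", "example.org"];
for (const host of visited) {
  const hit = checkLookalike(host);
  console.log(host, "->", hit ? `did you mean ${hit.suggestion}? (${hit.reason})` : "no warning");
}
```

A distance threshold of 1 keeps false positives low for longer names but will still flag unrelated short domains, so the protected list should stay small and specific.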