- This feature is designed to warn users when they visit typosquatting domains, IDN Homograph Unicode attacks, and phishing sites.
- This feature is currently available only in Chrome Canary 74.
Google is working to add a feature to Google Chrome that warns users about similar or lookalike URLs that users may visit thinking they are legitimate sites. This new feature is designed to warn users when users visit typosquatting domains, IDN Homograph Unicode attacks, and phishing sites.
This new experimental feature has been currently added to the Canary builds of the Chrome 74.
How does the new feature work?
This new feature will alert users when they visit URLs that pretend to lookalike a legitimate URL. For example, Appl3[.]com, tw1tter[.]com, m1crosoft[.]com.
- When users visit these lookalike URLs, Google Chrome will display a warning under the address bar stating ‘Did you mean to go to [url]?’.
- For example, when a user tries to go to the appl3[.]com URL, Google Chrome will ask ‘Did you mean to go to http://apple.com/?’.
Currently available in Chrome Canary 74
Currently, this feature is only available in the Chrome Canary builds for Chrome 74. Users can test the lookalike feature by downloading Chrome Canary and entering chrome://flags into the address bar.
- To test the lookalike feature, search for lookalike at the ‘Experiments’ page.
- Then enable the ‘Navigation suggestions for lookalike URLs’ flag.
- You will then be prompted to relaunch the browser.
- Once the flag is enabled, you can explore the new feature by adding typos to domains.
Google might create an interstitial page for the lookalike feature
A new Chromium Gerrit post stated that these lookalike alerts may be moved to their very own browser interstitial page. Chrome uses interstitial pages to display warnings to users before they actually visit the requested site.
“A common interstitial that Chrome users see is when Google's Safebrowsing detects a malicious site. Based on the Chrome Gerrit post, Google aims to make a similar interstitial for the lookalike feature,” BleepingComputer reported.