Google announced today that it is bringing additional security to the Google Chrome standard Safe Browsing feature by enabling real-time phishing protection for all users.
Since 2007, Google Chrome has utilized the Safe Browsing security feature to protect users from malicious websites that push malware or display phishing pages.
When browsing the web, Chrome will check if a webpage you are visiting is within a local list of malicious URLs, and if it is, it will block the site and display a warning.
However, as the list of bad URLs is hosted locally, it can not protect you from new sites detected since the list was last updated.
To provide better security, Google introduced an Enhanced Safe Browsing feature in 2020 that offers real-time protection from malicious sites you are visiting. It does this by checking in real-time against Google’s cloud database to see if a site is malicious and should be blocked.
This feature, though, comes with a tradeoff in privacy, as Google Chrome will now send URLs you open (including downloads) back to Google’s servers to check if they are malicious. The feature will also send a small sample of pages to Google to discover new threats.
Finally, the transferred data is temporarily linked to your Google account to detect if an attack targets your browser or account.
Real-time protection for everyone
While the Enhanced Safe Browsing feature remains the same and offers the best protection in Chrome, Google is now adding real-time protection to the standard Safe Browsing feature for increased security.
The browser developer says it’s doing this as the locally hosted Safe Browsing list is only updated every 30 to 60 minutes, but 60% of all phishing domains stay alive for only 10 minutes. This creates a significant time gap that leaves people unprotected from new malicious URLs.
“To block these dangerous sites the moment they launch, we’re upgrading Safe Browsing so it will now check sites against Google’s known-bad sites in real time,” says Google.
“By shortening the time between identification and prevention of threats, we expect to see 25% improved protection from malware and phishing threats.”
How to turn on Enhanced protection
Go to chrome://settings/security and select the enhanced protection setting.
Please let us know if you have any questions about your IT environment or how to secure it from outside cyber threats. We are here for you! Contact us at (732) 780-8615 or email at [email protected].
Lawrence Abrams, “Google is enabling Chrome real-time phishing protection for everyone“, bleepingcomputer.com, Sep 20, 2023