For years Google has used machine learning to automate its Safe Browsing defenses against web attacks on Chrome users. Today, Google is launching a new Chrome extension to allow human "power users" to report dodgy sites.
The extension, dubbed Suspicious Site Reporter, allows Chrome users to report suspicious sites in the browser to the Google Safe Browsing service, which is used by Chrome, Firefox and Safari to counter web threats like malware and phishing.
Once installed, Chrome users may see an icon when they visit a potentially bad site, and contextual information about why Chrome saw it as suspicious. Users can click the icon to report if they believe the site is indeed dodgy.
In Chrome with the extension, users might see a flag icon next to the address bar warning that a domain could be suspicious. Some traits Google uses are if it detects that the domain uses weird characters, is not popular, or hasn’t been visited by anyone for the past three months.
Google is pivoting by opening up Safe Browsing to user reports, adopting selective crowdsourcing rather than relying primarily on machine learning to inform Safe Browsing of web threats.
Safe browsing was launched in 2007 and has aimed to provide users with security warnings about deceptive sites before users actually visit a site, protecting them from probable phishing threats.
It previously allowed users to automatically report details about sites that Safe Browsing detected, but didn’t allow users to report suspicious sites themselves.
Sites reported by users will be evaluated by Google for potential addition to its Safe Browsing systems.
Google is pitching the Chrome extension as a tool for “power users” to more easily report suspicious sites with information about the URL, IP address, a screenshot of the site, the site’s code, and what steps the user took to land at the suspicious site.
Google today also revealed that Safe Browsing now protects four billion devices every day, up from three billion devices two years ago. This includes iPhone users who typically rely on Safari rather than Chrome for iOS.
In Chrome 75, released as stable two weeks ago, Google is providing a new warning to lead users away from sites that switch similar characters in a domain name. The example it uses is Google with a zero, “go0gle.com”, versus the legit “google.com” address.
Two years ago it attempted to thwart phishing attackers by restricting how websites displayed non-Latin characters in the address bar after researchers demonstrated whole-script homograph attacks.
“This new warning works by comparing the URL of the page you’re currently on to URLs of pages you’ve recently visited. If the URL looks similar, and might cause you to be confused or deceived, we’ll show a warning that helps you get back to safety,” explained Emily Schechter, a Chrome product manager.