Google Chrome only blocking a quarter of phishing websites, researchers claim
A new study by Which? said it found Google’s web browser was failing to block access to suspicious websites.
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Google’s Chrome web browser is only preventing users from visiting around a quarter of suspicious sites that are likely to be part of phishing scams, Which? has claimed.
The consumer group said a study searching the web addresses of 800 newly discovered phishing sites in a web browser saw Chrome block only 28% when used on Windows and 25% on an Apple Mac computer.
Which? said it performed the same test across a number of other web browsers, with Mozilla’s Firefox performing the best by blocking access to 85% of sites when used on Windows and 78% on Mac – the best result on both platforms.
Phishing scams are those where criminals create messages that look genuine in order to trick consumers into clicking a link to a bogus website where viruses could be installed on their device, or having them hand over personal information which can be used to gain access to financial information or online bank accounts.
In response to the findings, a Google spokesman said: “This study’s methodology and findings demand scrutiny.
“For more than 10 years, Google has helped set the anti-phishing standard – and freely provided the underlying technology – for other browsers. Google and Mozilla often partner to improve the security of the web, and Firefox relies primarily on Google’s Safe Browsing API to block phishing – but the researchers indicated that Firefox provided significantly more phishing protection than Chrome.
“It’s highly unlikely that browsers using the same technology for phishing detection would differ meaningfully in the level of protection they offer, so we remain sceptical of this report’s findings.”
Phishing scams can come in the form of emails, text messages and direct messages on social media.
To help counter such scams, the UK’s National Cyber Security Centre (NCSC) advises people to consider carefully before clicking any link they are sent, unsolicited, by an organisation. It also encourages people to look for tell-tale signs including poor spelling or grammar, or a sense of urgency in the messaging to try to encourage a rash decision.
Security experts also warn that if an offer sounds too good to be true, it often is.
“It’s incredibly alarming to see that a huge company like Google is allowing the security of its users to be exposed in this way – a gift to fraudsters who are constantly trying to use phishing attacks as a launchpad for scams that can have a devastating impact on victims,” Which? computing editor Lisa Barber said.
“If you are worried about your safety online, remaining vigilant when clicking a link, installing a top-quality free or paid antivirus package, keeping your browser up to date and signing up to our free scams alerts email will all massively increase your protection from malicious websites.”
Additional reporting by Press Association