Phishing attempts include a lot of tricks. You think you received an email from your colleague androidpolice.com when you really got it from someone androidpollce.com. Or you may not enter a single letter URL and you will be transferred to a site that looks exactly the same, but it is not the one you want. One minute later you have entered your email address, password and maybe a credit card on an unknown site, and your information has been stolen. Even the best of us (and the most advanced and knowledgeable) can miss a little change of letters, so it only makes sense to have more automated and systematic testing that could save us from these situations. It starts running Chrome's pending warning.
Currently sitting behind the flag chrome: // flags / # enable-lookalike-url navigation suggestionsthis small line of suggestions will appear when you move to a URL that is similar to another popular one. While the flag is available in all versions of Chrome on the desktop, it doesn't seem to work properly on a stable channel. However, in Canada, it is functional and finds such addresses like that paypai.com top of the picture.
Speaking of the USENIX Enigma conference, Google employee Emily Stark said the goal was to make a recommendation and not very worrying. The user can ignore the popup window and continue browsing as usual. But if they didn't use a URL or received a redirect from a phishing email or link, then Chrome will provide this convenient statement to help them avoid problems.
I never think I need something like that, but I have to say that the idea of double checking is always alert, the automated system is more than welcome. And now I want it in Chrome's mobile version (the flag is not yet available) and Gmail. Think about how many phishing attempts could be avoided if Gmail warned users (especially G Suite) when the email came from the winning domain and not from their teammate.