
Google is adding a new feature to Google Chrome that warns users when they visit a similar, or lookalike, URL while thinking they are going to the normal site. This feature is designed to warn users when they visit typosquatting domains, IDN homograph Unicode attacks, scams, and phishing sites.

In the current Canary builds of Chrome 74, a new experimental feature has been added that will alert users that they are visiting a URL that may be pretending to be, or acting as a "lookalike" of, a legitimate URL. Examples include URLs like appl3.com, tw1tter.com, or m1crosoft.com.

When users go to these URLs, Chrome will display a warning under the address bar stating "Did you mean to go to [url]?". For example, you can see that when we tried to go to the appl3.com URL it asks "Did you mean to go to http://apple.com/?".

Lookalike URL warning

By default, this feature is only available in the Chrome Canary builds for Chrome 74. To test the lookalike feature, you can download Chrome Canary and enter chrome://flags into the address bar.

At the Experiments page, search for lookalike and then change "Navigation suggestions for lookalike URLs" to Enabled. You will then be prompted to relaunch the browser as shown below. 

Navigation suggestions for lookalike URLs Chrome Flag

Once the flag is enabled, you can play around with the feature by adding typos to domains.
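The kind of check that produces a "Did you mean to go to ...?" suggestion can be sketched on the defender's side as follows. This is an added example, not Chrome's implementation: the protected-domain list, the small confusables table, and the edit-distance threshold of 1 are all assumptions chosen for illustration.

```python
import unicodedata

# Constructed list of protected sites (assumption); use your own domains.
PROTECTED = ["apple.com", "twitter.com", "microsoft.com", "google.com"]

# Constructed mini confusables table, not the full Unicode data: characters
# that look alike collapse to one representative.
CONFUSABLES = str.maketrans({
    "0": "o", "1": "l", "i": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
})


def canonical(host):
    """Lowercase, drop 'www.' and a trailing dot, decode xn-- labels."""
    host = host.strip().lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    try:
        return host.encode("ascii").decode("idna")
    except UnicodeError:
        return host  # already Unicode or not valid punycode


def skeleton(host):
    """Fold lookalike characters so imitations compare equal."""
    return unicodedata.normalize("NFKC", host).translate(CONFUSABLES)


def edit_distance(a, b):
    """Levenshtein distance computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def suggest(host):
    """Return the protected domain `host` imitates, or None if it looks fine."""
    name = canonical(host)
    if name in PROTECTED:
        return None
    for target in PROTECTED:
        if edit_distance(skeleton(name), skeleton(target)) <= 1:
            return target
    return None
```

Calling `suggest("appl3.com")` returns `apple.com`, while an exact match on a protected domain or an unrelated domain returns `None`. A legitimate domain that happens to sit one edit away from a protected one will also be flagged, which is a reason to present the result as a suggestion.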

Warning may be coming as an interstitial

A new Chromium Gerrit post indicates that these lookalike warnings may be moved to their very own browser interstitial instead. Chrome uses interstitial pages to display warnings to users before they actually visit the requested site.

Chromium Gerrit Post

A common interstitial that Chrome users see is the one displayed when Google's Safe Browsing detects a malicious site, as shown below.

Malicious site interstitial

Based on the Chrome Gerrit post, Google aims to make a similar interstitial for the lookalike feature.
