Phishing attempts involve a lot of trickery. You think you got an email from your colleague at when you really received it from someone at Or you mistype one letter in a URL and you're taken to a site that looks exactly the same, but isn't the one you wanted. One minute later you've entered your email, password, and maybe credit card on an unknown site and your details have been stolen for good. Even the best of us (and the most tech-savvy and aware) can miss a small letter change, so it only makes sense that there's a more automated and systematic check that could save us from these situations. That's where Chrome's upcoming warning comes into play.

Currently sitting behind the flag chrome://flags/#enable-lookalike-url-navigation-suggestions, this little suggestion line will show up when you navigate to a URL that's similar to another more popular one. Although the flag is available on all versions of Chrome on the desktop, it doesn't seem to work properly on the stable channel. On Canary, however, it's functional and detects lookalike addresses like in the image at the top of the post.

Speaking a the USENIX Enigma conference, Googler Emily Stark said that the goal is to provide a suggestion and not be very alarmist about it. The user can disregard the pop-up and continue browsing as usual. But if they mistyped the URL or got redirected from a phishing email or link, then Chrome will provide this handy notice to help them avoid any trouble.

I never thought I needed something like this, but I have to say the idea of a double-check by an always-vigilant, automated system is more than welcome. And now I want this on the mobile version of Chrome too (the flag isn't there yet) as well as inside Gmail. Think of how many phishing attempts could be avoided if Gmail would warn users (especially G Suite ones) when an email comes from an imposter domain and not a colleague on their team.