Google Releases New Free Tool to Prevent Phishing Attacks

Google has released a new extension for its Chrome browser that is intended to protect users' passwords.

Launched on Wednesday, Password Alert is designed to deal with phishing sites - those sites that imitate login pages in order to steal passwords.

With Password Alert installed in Chrome, you will get an alert once you type your Google password in a login page that is not an actual Google login page. This will then allow you to immediately reset your password before your account gets compromised. The extension can be configured to automatically alert a company's incident response team in a corporate set up.

Google's security engineer Drew Hintz told Wired that Password Alert helps users reach a decision as to whether or not the place where they just typed in their password is a fine and secure place.

Aside from preventing users from falling prey to phishing, Password Alert also takes on another problem that is often out of internet services' control: users who use the same password across a number of different sites. Use your Google password in another service, and most, if not all of Google's security will be reduced to the same level of security as that other service.

Most hackers know by now that passwords and usernames leaked from one security breach most often work on other sites as well. Reusing a Google password with Password Alert installed will prompt the same warning as the phishing alert, which can then encourage users to stop their habit of using the same password in everything.

According to Hintz, Google will be releasing upcoming versions of Password Alert that will allow users the option to monitor their other passwords too, such as their banking or corporate accounts.

Tags
Google, Chrome
Real Time Analytics