You are here: Home - Household Bills - News -

Google Chrome ‘worst browser for stopping phishing attacks’

Written by: Emma Lunn
The popular browser only blocks a quarter of phishing attacks, according to a Which? investigation.

Researchers found that Google Chrome only prevented investigators from reaching 28% of the phishing sites they tried to access on Windows and only 25% on Mac. In comparison, the best performer Firefox, made by the not-for-profit Mozilla Foundation, stopped 85% of phishing attacks on Windows and 78% on Mac.

Phishing attacks can happen in a number of different ways including via emails, SMS texts or as a dodgy online advert. If a user attempts to visit the web address by searching for it in their web browser, a good browser would detect a phishing attempt and block the user from accessing the site.

Phishing attacks are designed to trick users into entering sensitive data, such as payment details, passwords and other personal information. This data can then be used by cybercriminals to gain access to online accounts and steal money.

Hacker sites can impersonate any type of website such as banks or delivery companies, but scammers also often impersonate UK government services, such as HMRC and DVLA.

In order to test whether each web browser was able to adequately detect phishing attacks, Which?’s tests involved searching the web addresses of 800 newly-discovered phishing sites very shortly after they were first discovered into each web browser.

The test also checked to see whether the best performing browsers were simply overly-aggressive with blocking sites, throwing up ‘false positives’ that make browsing the web unnecessarily cumbersome to use.

Top performer Firefox prevented more phishing attacks than Microsoft Windows default browser Edge which blocked 82% of the phishing attacks, and the Apple MacOS default browser Safari which blocked 77% of the attacks. Opera meanwhile only managed to prevent 56% on both Mac and Windows operating systems.

Which? said web browsers should be able to efficiently detect and block known phishing sites by accessing a database. However, browsers should also be able to detect new and emerging phishing attempts and block them as fast as possible.

Phishing sites don’t tend to last very long. Once they have been detected, they can be blocked but some still slip through the net and the scammers can launch new URLs very quickly.

When Which? shared its testing information and results, Google questioned the findings.

A Google spokesperson said: “This study’s methodology and findings demand scrutiny. For more than 10 years, Google has helped set the anti-phishing standard — and freely provided the underlying technology — for other browsers.

“Google and Mozilla often partner to improve the security of the web, and Firefox relies primarily on Google’s Safe Browsing API to block phishing – but the researchers indicated that Firefox provided significantly more phishing protection than Chrome. It’s highly unlikely that browsers using the same technology for phishing detection would differ meaningfully in the level of protection they offer, so we remain sceptical of this report’s findings.”

However, Which? believes the investigation shows that the company needs to do more to detect and prevent phishing attacks on Chrome.

Lisa Barber, Which? Computing editor, said: “It’s incredibly alarming to see that a huge company like Google is allowing the security of its users to be exposed in this way – a gift to fraudsters who are constantly trying to use phishing attacks as a launchpad for scams that can have a devastating impact on victims.

“If you are worried about your safety online, remaining vigilant when clicking a link, installing a top quality free or paid antivirus package, keeping your browser up to date and signing up to our free scams alerts email will all massively increase your protection from malicious websites.”

There are 0 Comment(s)

If you wish to comment without signing in, click your cursor in the top box and tick the 'Sign in as a guest' box at the bottom.

Everything you wanted to know about ISAs…but were afraid to ask

The new tax year is less than a fortnight away and for ISA savers or investors, it’s hugely important. If yo...

Your right to a refund if travel is affected by train strikes

There have been a wave of train strikes in the past six months, and for anyone travelling today Friday 3 Febru...

Could you save money with a social broadband tariff?

Two-thirds of low-income households are unaware they could be saving on broadband, according to Uswitch.

What will happen if rates change

How your finances will be impacted by a rise in interest rates.

Regular Savings Calculator

Small regular contributions can build up nicely over time.

Online Savings Calculator

Work out how your online savings can build over time.

DIY investors: 10 common mistakes to avoid

For those without the help and experience of an adviser, here are 10 common DIY investor mistakes to avoid.

Mortgage down-valuations: Tips to avoid pulling out of a house sale

Down-valuations are on the rise. So, what does it mean for home buyers, and what can you do?

Five tips for surviving a bear market mauling

The S&P 500 has slipped into bear market territory and for UK investors, the FTSE 250 is also on the edge. Her...

Money Tips of the Week