Google Chrome Logo Clear

Google Chrome barely blocks a quarter of phishing websites

Google’s Chrome web browser only blocks a quarter of suspicious websites that are likely to be used in phishing scams. Phishing sites are used to trick you into providing sensitive information such as credit card numbers, passwords, and other personal details. Hackers can use this information to steal money or get access to your internet accounts.

According to a consumer organisation, Google’s Chrome blocked just 28% of the web URLs of 800 newly found phishing sites when searched in a web browser on Windows and 25% on Apple Mac machines during the research.

The best performance on both systems was Mozilla’s Firefox, which blocked access to 85% of sites on Windows and 78% on Mac. It shows that, despite its minuscule browser market share, David (computer scientist at Mozilla) can take on the web’s Goliath in terms of phishing prevention.

This study’s method and conclusions demand investigation stated a Google official in reaction to the findings.

Google has helped define the anti-phishing standard for more than a decade and has freely shared the underlying technology to other browsers. Google and Mozilla often collaborate to improve online security, and while Firefox mostly depends on Google’s Safe Browsing API to prevent phishing. Researchers found that Firefox provided considerably better phishing protection than Chrome.

According to web analytics company Statcounter, Google Chrome is the most popular web browser, with 65.6% of internet computer users using it. Firefox’s user base isn’t particularly large (just 9.2%). It is significantly ahead of the default browsers for Microsoft Windows Edge and Safari, respectively.

According to a Google official:

We expressed doubts of the findings of this analysis since it’s highly unlikely that browsers employing the same phishing detection technology. It will give meaningfully various levels of protection.

What are the findings for you?

Phishing attacks come in many forms such as email, phone calls, SMS messages, or social sites direct messages. The National Cyber Security Centre (NCSC) in the United Kingdom recommend that people think hard before clicking on any link they receive.

Although Google Chrome came in last in the test, it doesn’t always imply you’ll wind up on a phishing site if you use Chrome to access a shady link.

It also ignores how users discover phishing URLs. They’re commonly shared via email and chat platforms, many of which have their own phishing detection systems, so you may be protected on that front as well. When it comes to the another line of defence against phishing, it appears that using a different web browser makes a difference.


Always check for signs such as bad spelling or grammar. There may be a focus on urgency in the messaging to do a rash decision.

Security researchers also advise that if anything appears to be too good to be true, it usually is a phishing attack.

Lisa Barber, a computing editor, said:

It’s really alarming to see a huge organization like Google violate its customers’ security in this manner. A gift to scammers who are continually trying to exploit phishing attacks as a launch site for scams that may be quite harmful to victims.

You should not easily give up your credit card information unless you are 100% confident in the site you are visiting. If you want to provide credit card information, double-check that the website is authentic, and the site is safe.

Has your organisation started to increase cyber security measures yet? Start your two-week free trial today of our Security Awareness Training and simulated phishing.

Recent posts