Phishing is a forgery technique used by hackers to steal your sensitive information such as passwords and credit card numbers. The technique consists of making the victim believe that they are addressing a trusted site in order to retrieve their personal information.
Faced with the increase in these attacks, Google has just published a new extension for its Chrome browser to warn users of this hacking technique.
The extension is called Password Alert and it is activated when the Internet user enters his password on a company site whose login form is located in the accounts.google.com subdomain. The extension does not store this password but creates a fingerprint of it. The company explains as follows:
Whenever you sign in to your Google Account, Password Alert temporarily accesses your password and saves a fingerprint with salting it on your local Chrome storage.
Once this fingerprint is saved, Password Alert is able to determine if this same password is entered on another website. Moreover, it is indicated that the extension check the HTML code of each page connection in order to unmask those which are false.
If a problem is detected, an interface will intervene to invite the Internet user to immediately change his password in order to avoid possible phishing.
Currently Password Alert is only available within Google Chrome. Google offers its tool in open source on GitHub so that developers can use it for other browsers.