There is a feature active in the Google Chrome browser that could make Google links unsafe to visit. Below, I will discuss traditional methods for determining safe links, how Google links could bypass these methods, how this could impact users, and what users can do about it.

 

Is a link safe or unsafe?

When you receive an email or see a facebook post with a link, it is always important to check the link to make sure it is safe. The current method people use is to hover the mouse over the link:

 

The reason you need to hover is because a link can be disguised as something else. Only once you've hovered over the link can you determine the true destination of the link. Once you've hovered over the link, you can determine whether the link really is to woodgrovebank.com or not. Further details can be found here.

This problem we are faced in this situation is that most people would consider google.com safe to visit and would therefore click on the link. The next section will describe why you may want to think twice before clicking a google.com link.

How are Google links potentially unsafe?

 

How could this impact me?

 

What can I do to protect myself?

Prerendering is a feature that is active by default in the latest versions of Google Chrome. The purpose of the feature is to speed up browsing by trying to predict what you are going to click on next. Chrome will visit a webpage that it thinks you will click on, even if you never click on it. It does this in a hidden tab so the user never sees that it is happening. If you do click on the link, the hidden tab is immediately swapped in and the page seems to load instantly. However, even if the user doesn't click on the link, the web resources are already fetched and then discarded after a certain time. It is during this fetching process that malicious things could be happening. In order to stop this from happening, you can go to Chrome preferences and uncheck the option for "Predict network actions" under the privacy section.

• Next >