Phishing is a common hacking method in which attackers steal usernames and passwords by tricking victims into clicking on malicious links and then typing in their login credentials. The malicious pages can be an exact copy in some cases -- tricking even seasoned political operatives.
But phishing links don't just come in emails: They can also appear in malicious advertisements, or through direct messages on chat apps. For those of you using a Chrome browser, Google is launching an extra level of protection against phishing through real-time checks on site visits.
This protection was already available for Chrome's Safe Browsing mode, which checked the URL of every website visited and made sure it was not on Google's block list. The block list is saved on devices and only synced every 30 minutes, allowing savvy hackers to bypass the filter by creating a new phishing URL before the list updates.
Watch this: Cyberattack: How we were phished by professional hackers
On Tuesday, Chrome announced that the phishing protection would expand to check visited URLs with Google's block list in real time, instead of the locally stored list that's updated every 30 minutes.
The company said it won't be keeping a log of every website you're visiting. Instead of checking the full URL, Google said it checks a partial fingerprint of it -- an encrypted version of the link -- meaning that the company doesn't see the actual URL you're visiting.
In a blog post, Google said that this change led to a 30% increase in finding new malicious websites.
Several other password protection tools that Google released in the past as Chrome extensions are now getting baked into the browser by default, the company announced.
In February, Google released an extension called Password Checkup, which warns people if their login credentials had been stolen in a breach and prompts them to change those credentials. Hackers often count on people reusing their passwords across multiple accounts, and this tool was designed to prevent that.
That extension is now a part of the Chrome browser, and you can enable or disable it through the "Sync and Google Services" setting.
As with the phishing protections, Google said that it only stores encrypted versions of people's usernames and passwords, and that it doesn't keep a log of people's credentials.
Google said these features would be rolled out gradually following the release of Chrome 79 on Tuesday.