Microsoft Protects Users From Phishing Scams With a Windows Defender Chrome Extension

By Tom Pritchard on at

Phishing scams are pretty dastardly things, and supremely irritating. It's got to the point now where you can't ever trust a link in your inbox, even if everything looks legit. Even GMail's spam filters can't differentiate between scams and genuine emails from Amazon about stuff I've actually ordered. What's more plenty of people still fall for them, which is one of the reasons why Microsoft has gone and released a Windows Defender extension for Chrome.

Chrome users will know that Google already has a bunch of tools to protect you while you browse, but Windows Defender Browser Protection adds a bunch more features. The same features that are present in the company's Edge browser, which nobody actually uses because it's kind of lame. That means it'll warn you when you try and access dodgy sites, and directs you back to somewhere that isn't going to fuck up your machine beyond repair.

As for why you'd want this over Chrome's built-in tools, Microsoft claims that Chrome only manages to detect 87 per cent of malicious attacks - whereas Edge can pick up 99 per cent. At least, that's according to a 2017 Web Browser Security report from NSS Labs.

When it comes to phishing, the extension has two functions. The first is that it can detect if you've accidentally mistyped a URL, such a your bank, and accidentally stumbled on a phishing site. It can also scan your emails for any phishing attacks. All of this is powered by a constantly updating list of known malicious URLs, and in both instances Microsoft will clearly warn whoever is browsing and get them to head somewhere safe where their details won't be stolen by criminals. There doesn't seem to be anything about legitimate businesses pinching your data, as they're wont to do, but that would require an entirely different kind of add-on.

The good news is that activating it is as simple as installing the extension and turning it on. Unlike some add-ons out there, there's no configuration or customisation required. I wouldn't go so far as to say it's idiot-proof (idiots can be an intrepid bunch), but it's pretty close. [Slashgear]