A new extension called “password alert” warns the internet user when entering a gmail password on a phishing webpage.
People often think that hacking is the prerogative of computer nerds who implement highly technical computer codes to enter secure servers. But the reality is much simpler.
The most effective way to know a password is still… to ask for it
This is called phishing. Who has never received an e-mail from someone pretending to be your bank, your tax, or your Internet Service Provider, asking you to send your password?
And it works! Recent hacking of Sony website is a very good example of spear phishing. Spear phishing is an alternative of the usual phishing attempt with personalized emails targeting some specific people inside the company.
To fight against this scourge, Google has just created an extension available only for Chrome, the homemade browser of the famous search engine.
During the installation of “password alert”, a “scrambled version of your password is stored on your computer” as stated in the presentation of the extension. Then “password alert” compares it with what you may type during your stay on the internet.
In other words, if you enter your gmail password on a web page that is not authenticated as a login page to the Google services, the extension “password alert” will show on your screen a message, similar to the image of the article. The extension then prompts you to change your gmail password before it can be used fraudulently.
Although the extension “password alert” appears, at least theoretically, a new step against phishing attempts, it presents some limitations. It only works on Chrome and it only works with your gmail password, it will not work if you use another email service.