To make sure that you don’t end up providing your personal, valuable data to imposters, Google chrome is testing a new feature on Chrome 86. In this, instead of showing the complete URL, the browser will show you just the domain name.
To explain how this works, let me give an example. Let’s say you wanted to visit the blog where Google has announced this feature. Today, the URL bar reads something like this: https://blog.chromium.org/2020/08/helping-people-spot-spoofs-url.html?m=1
Now, if a hacker was to replace this link with something like: https://blog.chromiom.org/2020/08/helping-people-spot-spoofs-url.html?m=1, chances are, you might not notice. However, with this new change, the aforementioned tab will read: blog.chromium.org, with the fake link looking something like ‘blog.chromiom.org’. This new, concise approach will make the distinction much clearer, and help ensure that fake links are catched much more often.
Thus, this new change will work to protect users from misleading URLs, spams, and phishing attacks. Such misleading URLs can be very harmful to user’s privacy and security because they can trick them into giving private information. Many websites only show their domain name or just the ‘significant part’ of the URL.
“On today’s web, URLs remain the primary way users determine the identity and authenticity of a site, yet we know URLs suffer from usability challenges. For example, there are myriad ways that attackers can manipulate URLs to confuse users about a website’s identity, which leads to rampant phishing, social engineering, and scams. In one study, more than 60% of users were fooled when a misleading brand name appeared in a URL’s path,” the company said in a blog post.
If you are a part of the experiment and want to still see the full URL then you can either hover over the URL and wait for it to expand, or right-click in the URL and select “always show full URLs”
On the other hand, if you are not a part of the experiment and you would like to be then you can install canary or dev channels, open chrome://flags, and enable the flags “#omnibox-ui-reveal-steady-state-url-path-query-and-ref-on-hover”, and “#omnibox-ui-sometimes-elide-to-registrable-domain.” Then relaunch Chrome.
