Google is experimenting with displaying domain names only in the Chrome address bar instead of full URLs. The feature will be tested in the upcoming Chrome 86 release, with Google hoping the change could protect users from scams and phishing attacks with misleading URLs.
Domain names and URLs are one of the most basic forms of web security we have, and let us know soon where we are online. Sometimes, however, they can be used to deceive. Hackers and scammers often create fake websites that look plausible by using URLs with typos (twittter.com) unknown subdomains (yourbank.sign-in.info) or linked domains (secure-gmail.com). Unsuspecting users then try these URLs and think they belong to legitimate companies before being tricked into giving away their referrals.
:format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/21757234/alwaysshow.png)
Some browsers like Safari only show a domain name of a URL in the address bar, partly because it looks cleaner, but also because it makes some of these scams clearer. If you are used to seeing facebook.com in your address bar and suddenly your browser shows instead of facebook.com.money.biz.scam.inc, you will (hopefully) be suspicious.
Google says the new feature will only show domain to a random subset of users in Chrome version 86. The company wants to see if the change ‘helps users realize they’re visiting a malicious website, and protects them from phishing and social tech attacks . “If it does, we can probably expect it to become a permanent feature in the future.
If you are not subscribed to the experiment but want to see what it looks like, you can download Chrome 86 through the Canary or dev channels, open chrome: // flags, enable the following flags, # omnibox-ui -reveal-steady -state-url-path-query-and-ref-on-hover and # omnibox-ui-sometimes-delete-to-register-domain, and restart Chrome to test it out. Chrome 86 is not expected until October as a stable release.
