This article applies to the Google Chrome browser on Windows, Mac, Linux, and Chromebooks.
Google Chrome warns you if the site you're trying to visit is suspected of phishing or malware, using Google’s Safe Browsing technology.
What is phishing and malware?
A phishing attack takes place when someone masquerades as someone else to trick you into sharing personal or other sensitive information with them, usually through a fake website. Malware is software that gets installed on your machine often without your knowledge, and is designed to harm your computer or potentially steal information from your computer.
For more pointers on keeping your family safe on the web, read Google's Tips for Online Safety . Learn about other security settings and additional technologies, such as sandboxing and auto-updates
, that Google Chrome uses to keep you safe on the Web.
Safe Browsing works in two ways to help protect you against phishing and malware. First, Google downloads a list of information to your browser about sites that may contain malicious software or engage in phishing. On the list, each URL is hashed (obscured so it can't be read) and then broken into portions. Your browser creates the hashed versions of URLs that you visit, and checks them against the list. If the URLs match the list, your browser will contact Google's servers to request the full list -- not just portions -- of the hashed URLs that are believed to be risky.
Your computer can then determine if you are visiting a risky site, and warn you about it. When your computer contacts Google to get more information about a specific hashed URL fragment, or to update the list, we receive standard log information including your IP address and possibly a cookie. This information does not personally identify you, and is retained only for a period of weeks. Any information that we receive through this process is protected under the standard terms of the Google Privacy Policy .
Second, Safe Browsing is designed to help protect against targeted phishing attacks (also known as “spear phishing”) where a site may not already be known to Google, and thus not yet included on a list of phishing websites. To provide this added protection, Chrome analyzes each site you visit, and tries to determine whether the site is phishing based on the content of the site. If the site is sufficiently suspicious, Chrome will send a portion of the hashed URL, similar to the first method outlined above, along with additional non-identifying information such as whether and how many times you’ve visited the site in the past. This information will be combined with other information available to Google to make a better prediction as to whether the site is actually a phishing site or not. Based on this refined decision, your browser will show a warning if appropriate.
Additionally, as described in the Google Chrome Privacy Policy , if you have chosen to share usage statistics with Google and you visit a site that we think could be a phishing or malware site, certain other data will be shared with Google, including the full URL that you visited, the "referer" header sent to that page, and the URL that matched the Google Safe Browsing malware list.
Google Chrome phishing and malware alerts
Here are the messages you may see when phishing and malware detection is enabled:
| Message | What it means |
|---|---|
| Warning: Something's Not Right Here! | This message appears if Google Chrome detects that the site you're trying to visit may have malware. |
| Warning: Suspected phishing site! | This message appears if Google Chrome detects that the site you’re trying to visit is suspected of being a phishing site. |
Disable phishing and malware detection
- Click the wrench icon
on the browser toolbar.
- Select Options (Preferences on Mac and Linux; Settings on Chrome OS).
- Click the Under the Hood tab and find the "Privacy" section.
- Deselect the "Enable phishing and malware protection" checkbox.
Using a Chromebook at work or school? Your network administrator might configure phishing and malware detection for you, in which case you can't change this setting yourself. Learn about using a managed Chromebook