Google is combating a spate of phishing campaigns with the launch of a free extension for its web browser Chrome.
Responding to the increasingly plausible spoof websites used by hackers to steal details, the search engine has released Password Alert, which warns you if you are entering Google login details into a non-Google website.
Writing on the firm’s blog, security engineer Drew Hintz and Justin Kosslyn of Google Ideas said: "Once you’ve installed and initialized Password Alert, Chrome will remember a ‘scrambled’ version of your Google Account password.
"If you type your password into a site that isn’t a Google sign-in page, Password Alert will show you a notice. This alert will tell you that you’re at risk of being phished so you can update your password and protect yourself."
Google Apps for Work customers will also be able to use to the tool to direct such alerts towards their IT admin, reducing password reuse between accounts and flagging for potentially malicious behaviour.
The release follows a recent rash of phishing sites attacking Google, Yahoo and Microsoft email accounts through websites that look identical or nearly identical to the official login pages.
Research undertaken by Google and the University of California previously showed that the best phishing attacks work 45% of the time, with the search engine also claiming that nearly 2% of messages sent to Gmail try to trick recipients into revealing their passwords.
