Researchers play cat and mouse with Google’s anti-phishing Chrome extension

For the past several days security researchers have raced to demonstrate that phishing protections added by a new Google Chrome extension can be bypassed with ease.

The Password Alert extension, developed by Google and released Wednesday, is designed to alert Chrome users when they input their Gmail passwords on websites that don’t belong to Google and are therefore part of phishing attacks.

By Thursday, an information security consultant named Paul Moore had already devised a method that attackers could use to block the extension’s alerts.

To read this article in full or to leave a comment, please click here