Google Chrome branded the least effective browser for stopping phishing attacks

The Chrome app icon on a mobile phone display
(Image credit: Shutterstock)

Google Chrome has been revealed to be the least effective web browser for protecting its users against accessing websites dedicated to phishing.

It was the worst-performing browser across both Windows and macOS, according to the testing scores, with Firefox proving to offer the best protection across both operating systems (OS).

According to the tests conducted by Which?, Google Chrome was able to block just a quarter of the phishing sites the researchers visited.

Chrome running macOS blocked users from visiting just 25% of phishing sites while the score was slightly better at 28% on Windows.

At the other end of the scoring, Firefox scored 78% and 85% across macOS and Windows respectively.

Safari offered the second-best protection on macOS with 77% and Microsoft Edge took second place on Windows with 82%. Opera came third on both platforms with a 56% blocking rate across both OSs.

The researchers tested the browsers using 800 newly created phishing sites to gauge each browser’s ability to recognise a phishing site that hasn’t already been added to an internet blacklist - a process the researchers said takes just a matter of hours.

Responding to the research’s findings, Google said it was unable to comment robustly due to the little context provided to it, but assured it uses Google's Safe Browsing API to protect users against phishing attempts.


Protecting healthcare from cybercrime

Best practices to address evolving cyber security threats


Google’s Safe Browsing launched in 2007 and is designed to protect users against a broad range of cyber threats including malware, unwanted software, and social engineering attacks like phishing.

In the past, Google has also experimented with shorter URLs in Chrome’s address bar, on several occasions, to combat phishing attacks.

In the end, the feature never ended up making a stable Chrome build but had Google decided to implement it, it would have seen traditional URLs shortened and just the domain name displayed to users.

Google Chrome is still the most popular web browser by far, according to recent statistics from StatCounter. The web analytics firm said it holds a dominant 66.64% market share with second-place Chromium-powered Microsoft Edge holding just 10.07%.

Phishing is still one of the most prominent forms of cyber attack plaguing businesses today and continues to be extremely effective despite the array of protections afforded users across internet services.

Most recently, the men behind a lucrative scam that convinced the US government to pay $23.5 million for jet fuel the scammers did not supply, had their sentencing dates set and together face a combined maximum prison sentence of 107 years.

Connor Jones
News and Analysis Editor

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.