URL "Lookalike" suggestions appearing while browsing

Description

Users have been reporting that they see messages alerting them that they may have accidently gone to a site they didn’t intend to go to:
brave

This is the result of a Chromium feature found in brave://flags titled #enable-lookalike-url-navigation-suggestions. This flag when toggled will enable/disable this feature in Brave.

We’re discussing internally how we’d like to handle this feature, but would like to note that the feature is intended to stop users from visiting sites that contain malware or fake sites setup for phishing that capitalize on users mistyping URLs into the address bar. It’s the same reason Binance has this message on their login page:

We’d also like to note that there’s no network activity associated with this feature – the sites are pulled from a static set of data that is created at build-time.

We will likely keep this feature as it has many benefits and may help users avoid landing on malicious websites. We are, however, discussing the idea of surfacing this flag to Settings so that it can be easily enabled/disabled as per user preference.

Related Threads

1 Like

Can you provide me with a link to where this is happening or background on how this list is built (presumably by the Chromium team?)

This list is actually not based on security consideration - or else one of our site would not be on it - so I’d like to dig further and understand how a web site can end up on that list and suffer from it.

Best regards

Quoting you from another issue on this topic:

In you’re example, it’s likely that many people intending to go to “live.com” may have wound up on “vive.com”. Malware and phishing website will take advantage of small errors like this

And that’s exactly the problem: many people actually wanted to visit vive.com which is not a malware site but a Virtual reality headset maker. Of course, they are much, much smaller than live.com in terms of traffic and engagement I’m sure but it shows again the list is just plain wrong.

Best regards

Mine has gotten worse with it going to a whole page EVERY TIME I use a link that goes to another site, it is very annoying and prevents me from doing things smoothly as I have to press ‘ignore’ every time.

Did you disable the flag mentioned in the initial post?

I don’t know how. I have tried to find it but no matter what, I can’t find the setting for it.

This is extremely naive behaviour. In Australia we have multiple competing news corporations which use similar domains: news.com,au, 7news.com.au and 9news.com.au.

Brave users wishing to consume news from 7news.com.au and 9news.com.au are being warned against using these news sources and encouraged to visit the largest news source news.com.au.

As Brave adoption expands so does the range of user base and more people will naively accept Brave’s recommendation and further monopolising news outlets in Australia.

Brave can do better than this.

@obezuk,
As stated in the initial post:

This is the result of a Chromium feature found in brave://flags titled #enable-lookalike-url-navigation-suggestions . This flag when toggled will enable/disable this feature in Brave.

We’re discussing internally how we’d like to handle this feature, but would like to note that the feature is intended to stop users from visiting sites that contain malware or fake sites setup for phishing that capitalize on users mistyping URLs into the address bar.

Thank you for explaining. I have checked and it does work. Is there a way to make that an advance option in settings for others?

1 Like

We’re discussing this as an option and have a github issue to track it:

1 Like