When I founded Google Ideas, I wanted to help bring engineering solutions to free expression challenges. So for some time now, my team and I have worked with users on the front lines to both understand the threats and to build tools that empower people to fight for free expression.
We heard from a Vietnamese free speech blogger, whose friends were arrested after a phishing attack that stole her password. We heard from a Turkish activist who cited phishing as the biggest single threat to their organization. And we heard from a Syrian technologist who said the Syrian Electronic Army’s impact would be severely limited if people had better means to protect themselves against phishing. Again and again, we heard that phishing is one of the biggest -- if not the single biggest -- threat facing journalists and activists all over the world. Phishing attacks serve no purpose other than causing harm, in both the digital and physical world.
Today, I'm proud to say that we're publicly launching a tool that will help. It's called Password Alert, and it's a simple Chrome Extension that works like a spellchecker -- when you type your Google password outside of Google login pages, you get a full-screen alert and can change your password if needed. You can install it here (g.co/passwordalert
), and domain administrators can roll it out to all their users as well.
Many of you might think that phishing isn't a direct threat to you, but it probably is to people you know. Please forward this to anyone you think might be at risk, and let me know how it goes. This is just a step, but as a company, we want to build tools that empower people to defend themselves against these attacks.