Chrome 137 Adds Gemini Nano AI to Combat Tech Support Scams

In a decisive move to counter the rising tide of tech support scams, Google has announced the rollout of advanced artificial intelligence (AI) protections in Chrome 137, harnessing the power of its on-device large language model (LLM), Gemini Nano.

This initiative, led by the Chrome Security team, aims to deliver real-time, privacy-preserving defense against one of the web’s most persistent forms of cybercrime.

The Anatomy of Tech Support Scams

Tech support scams typically employ alarming pop-up warnings, full-screen browser takeovers, and even disable keyboard and mouse input to create a false sense of crisis.

The scammers’ goal: to convince users their computers are compromised, prompting them to pay for unnecessary services or surrender remote access to their devices.

These attacks are not only disruptive but are increasingly sophisticated, often evading traditional security crawlers by rendering different content to different users or by rapidly cycling through new domains.

How Gemini Nano LLM Powers Chrome’s Defense

The core of Chrome’s new defense is the integration of Gemini Nano, an on-device LLM, into the Enhanced Protection mode of Safe Browsing.

Unlike server-side models, on-device AI allows Chrome to analyze threats instantaneously as users encounter them, even if the malicious site has never been seen before.

This is crucial, as Google notes that the average malicious site exists for less than 10 minutes.

Technical Workflow

  • Trigger Detection: When a user navigates to a page exhibiting suspicious behavior, such as invoking the keyboard lock API to prevent window closure, Chrome flags the page for analysis.
  • Content Analysis: The on-device Gemini Nano LLM receives the full page content and evaluates it for security signals, including intent, suspicious scripts, and deceptive messaging.
  • Signal Extraction and Verdict: The LLM summarizes its findings into concise security signals, which are then sent to Safe Browsing for a final verdict. If the site is deemed a scam, Chrome displays a warning interstitial, blocking access before harm can occur.

Privacy and Performance

The entire process is designed to be lightweight and privacy-conscious:

  • The LLM runs locally, ensuring sensitive data never leaves the device unless the user has opted into Enhanced Protection.
  • Resource consumption is managed through token limits, asynchronous processing, and GPU throttling to avoid browser slowdowns.
  • Only LLM-summarized signals are transmitted, not raw page data.
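
The workflow and privacy properties above, sketched as an added example that is not Chrome's implementation and not from Google: regex heuristics stand in for Gemini Nano, and the pattern lists, function names and two-lure threshold are assumptions. It shows the trigger gate, the token cap, and an output made only of boolean signals rather than page text.

```javascript
// Added illustration: heuristic stand-in for the on-device model, NOT Chrome's code.
// All names, patterns and thresholds below are assumptions made for this example.
const TRIGGERS = {
  keyboardLock: /navigator\.keyboard\.lock\s*\(/,
  fullscreenTakeover: /\.requestFullscreen\s*\(/,
  inputSuppression: /addEventListener\(\s*['"](keydown|contextmenu|mousedown)['"][\s\S]{0,200}?preventDefault\s*\(/,
};
const LURES = {
  fakeInfectionAlert: /\b(virus|trojan|spyware|infected|compromised)\b/i,
  urgency: /\b(immediately|do not (close|shut down|restart)|act now)\b/i,
  callSupportNumber: /\bcall\b[\s\S]{0,60}?\+?\d[\d\s().-]{8,}\d/i,
};

// Cap the analysed text, mirroring the token limit used to bound resource usage.
function truncateTokens(text, maxTokens) {
  return text.split(/\s+/).filter(Boolean).slice(0, maxTokens).join(' ');
}

// Reduce a page to named boolean signals; no raw page text is kept in the result.
function summarize(scriptSource, visibleText, maxTokens = 512) {
  const signals = {};
  for (const [name, re] of Object.entries(TRIGGERS)) signals[name] = re.test(scriptSource);
  const triggered = Object.values(signals).some(Boolean);
  // Gate: content analysis only runs once a behavioural trigger has fired.
  if (!triggered) return { triggered, lureCount: 0, sendForVerdict: false, signals };
  const text = truncateTokens(visibleText, maxTokens);
  let lureCount = 0;
  for (const [name, re] of Object.entries(LURES)) {
    signals[name] = re.test(text);
    if (signals[name]) lureCount += 1;
  }
  // Only this summary would be passed on for a final verdict (threshold is assumed).
  return { triggered, lureCount, sendForVerdict: lureCount >= 2, signals };
}

// Constructed sample page (not taken from any real site; phone number is a placeholder).
const sampleScript = `
  document.documentElement.requestFullscreen();
  navigator.keyboard.lock(['Escape']);
  document.addEventListener('keydown', (e) => { e.preventDefault(); });`;
const sampleText = 'WARNING: your computer is infected with a trojan. ' +
  'Do not close this window. Call support at +1 (000) 555-0100 immediately.';

console.log(summarize(sampleScript, sampleText));
```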

Enhanced and Standard Protection

  • Enhanced Protection: Users who opt in receive the highest level of defense, with real-time site analysis and warnings about novel threats.
  • Standard Protection: While not directly leveraging on-device LLMs, these users benefit as newly identified scam sites are added to global blocklists.

Code Example: Detecting Keyboard Lock API Usage

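To illustrate, here is a simplified JavaScript snippet of the kind Chrome might use to detect suspicious use of the keyboard lock API. It observes the page's own calls to the API rather than locking the keyboard itself, and `triggerLLMAnalysis` is a hypothetical hook:

```javascript
// triggerLLMAnalysis is a hypothetical hook, not a real Chrome or web API.
if ('keyboard' in navigator && typeof navigator.keyboard.lock === 'function') {
  const originalLock = navigator.keyboard.lock.bind(navigator.keyboard);
  // Observe the page's own lock() calls instead of locking the keyboard ourselves.
  navigator.keyboard.lock = (keyCodes) => {
    // Potential scam indicator: user cannot close window with Escape
    if (!keyCodes || keyCodes.includes('Escape')) {
      triggerLLMAnalysis(window.location.href, document.body.innerText);
    }
    return originalLock(keyCodes);
  };
}
```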

Future Outlook

Google plans to expand these protections to Chrome on Android and to detect other scam types, such as package tracking and unpaid toll scams.

The company is also researching countermeasures against advanced evasion tactics like prompt injection and timing bypasses.

Impact

Since deploying AI-powered scam detection, Google reports a 20-fold increase in blocked scam websites compared to three years ago, and a significant reduction in impersonation scams.

By embedding AI at the point of user interaction, Google aims to stay ahead of cybercriminals and keep millions safer online.

With Gemini Nano, Chrome users can browse with greater confidence, knowing that AI is working in real time to spot and stop scams before they strike.

AnuPriya
AnuPriya is a cybersecurity reporter at Cyber Press, specializing in cyber attacks, dark web monitoring, data breaches, vulnerabilities, and malware. She delivers in-depth analysis on emerging threats and digital security trends.