Experts believe that excluding www and m from the address bar increases the risk of phishing attacks.
Google has revised the decision to automatically exclude the subdomains www and m from the Chrome address bar. The innovation appeared in the version of Chrome 69 and caused a negative reaction from both users and experts in the field of cyber security, warning that this way the browser becomes vulnerable to phishing attacks. As Google employees explained, www and m are “ordinary subdomains” and displaying information about them is superfluous.
Experts believe that excluding www and m from the address bar increases the risk of phishing attacks. According to them, this measure will lead to the fact that the addresses of different sites will look the same, for example,www.pool.ntp [.] Org – web-site, but in the address bar it will be displayed as NTP-server pool.ntp.org or m .tumblr.com (not a true Tumblr microblogging service site) will turn into tumblr.com (the official Tumblr resource).
In connection with numerous complaints, the techno gigan revised the approach and decided to roll back the changes to Chrome 69. However, the update of Chrome 70 will still exclude the subdomain www (but not m) from the address bar. The company also intends to initiate a public discussion about the advisability of standardizing the mapping of subdomains www and m by browsers.