This extension is meticulously crafted to safeguard users from phishing attempts that replicate the Office365 login interface, particularly when adversaries employ tools such as Evilginx.
- The extension checks the domain and content of the current page.
- It compares it to a list of valid Microsoft domains.
- If it detects a suspicious page that doesn't meet the criteria of a valid Microsoft login, the extension will stop the page from loading.
- A "Page Blocked Due to Phishing Suspicion" notification is displayed to alert the user.
- Download/clone this repo.
- Open the extensions page (
chrome://extensions/). - Toggle on the Developer mode setting.
- Click on Load unpacked.
- Select the directory from this repo.
Note: There may be some edge cases I haven't identified, and I might update the logic above as needed. Feel free to submit a PR.
http.favicon.hash:-2057558656 http.html:"Sign in"
