Google has announced a new security feature in Chrome that leverages on-device AI to detect and block tech support scams in real time. The feature, powered by the ‘Gemini Nano’ large-language model (LLM), marks a shift toward localized threat detection, prioritizing privacy and performance. This update, rolling out in Chrome 137 for desktop, aims to combat fraudulent tactics like fake virus alerts and keyboard lock API abuse1.
Key Features and Rollout
The integration of Gemini Nano enables Chrome to analyze page content offline, identifying scam patterns such as urgency tactics or impersonation. Suspicious signals are cross-referenced with Google Safe Browsing, but the bulk of processing remains on-device to preserve user privacy2. Enhanced Protection Mode, accessible via Chrome’s settings under Privacy & Security > Security, reportedly doubles phishing/scam detection rates compared to Standard mode1. Android support is planned for late 2025, with experimental access currently available in Chrome Canary under the flag Client Side Detection Brand and Intent for Scam Detection3.
Technical Implementation
Gemini Nano operates asynchronously, throttling GPU/CPU usage to minimize performance impact. The LLM scans page text and structure for malicious intent, triggering warnings if threats are detected. For example, abuse of the keyboard lock API—a common tactic in tech support scams—activates the model1. Only anonymized signals are shared with Google when Enhanced Protection is enabled, addressing privacy concerns2.
Impact and Future Plans
Early metrics show the system blocks 20x more scam pages than previous methods, reducing airline and visa scams by 80% in 20244. Google plans to expand coverage to package delivery scams, fake toll notices, and government impersonation. Future Android updates may include AI-driven warnings for spammy notifications and scam calls5.
Relevance to Security Professionals
This development highlights the growing role of on-device AI in threat detection, offering a template for balancing privacy and security. Red teams may test evasion techniques against Gemini Nano, while blue teams can leverage Chrome’s Enhanced Protection Mode as part of layered defenses. System administrators should prepare for broader adoption of local AI models in endpoint security.
Conclusion
Google’s deployment of on-device AI in Chrome reflects a strategic shift toward real-time, privacy-preserving threat detection. As tech support scams evolve, this approach could set a precedent for browser-based security. Future updates will likely refine detection capabilities and expand platform support.
References
- “Using AI to Stop Tech Support Scams in Chrome,” Google Security Blog, May 2025.
- “Google Rolls Out AI Tools to Protect Chrome Users Against Scams,” TechCrunch, May 8, 2025.
- “Google AI Gemini Nano to Combat Scams in Chrome,” Infosecurity Magazine, May 2025.
- “Google’s AI Prevents Scams in Search and Chrome,” CNN, May 8, 2025.
- “Google Bets on AI for Scam Detection,” The Cyber Express, May 2025.
