Google is experimenting with showing domain names only in Chrome's address bar instead of full URLs. The function will be tested in the upcoming Chrome 86 version. Google hopes the change can protect users from fraud and phishing attacks with misleading URLs.
Domain names and URLs are one of the most basic forms of web security that let us know quickly where we are online. However, sometimes they can be used to mislead. Hackers and scammers often create fake websites that look plausible by using URLs with typos (twittter.com), unknown subdomains (yourbank.sign-in.info), or separate domains (Secure-gmail.com). Unsuspecting users visit these URLs thinking they belong to legitimate companies before being tricked into revealing their credentials.
Full URLs can be activated by right-clicking on the address bar.
Some browsers like Safari only show the domain name of a URL in the address bar, partly because it looks cleaner, but also because some of these scams become more obvious. If you are used to seeing facebook.com in your address bar and your browser suddenly shows facebook.com.money.biz.scam.inc instead, you will (hopefully) be suspicious.
According to Google, the new function will only be shown for domains of a random subgroup of users in Chrome version 86. The company wants to know if the change "will help users know they are visiting a malicious website and protect them from phishing and social engineering attacks." If so, we can probably expect it in the future will be an integral part.
If you're not signed up for the experiment but want to see how it looks, you can download Chrome 86 via the Canary or Developer channels, open chrome: // flags and enable the following flags: # omnibox-ui-disclose-steady – state-url-path-query-and-ref-on-hover and # omnibox-ui-sometimes-elide-to-registrable-domain and restart Chrome to test it. Chrome 86 is not expected as a stable version until October.