Chrome's Next Line of Defense: AI-Powered Protection Against Tech Support Scams

Google's Gemini Nano fights back against one of the web's most persistent scams

Jun 16, 2025

Why It's Important

Tech support scams aren't just annoying pop-ups-they're part of a growing criminal strategy designed to trick users into handing over money or control of their devices. These scams mimic system alerts, freeze browser windows, and display fake warnings, all designed to create a sense of urgency. With millions falling prey globally each year, these scams are not just a nuisance-they're a serious cybersecurity threat.

With the upcoming release of Google Chrome version 137, Google is shifting gears by embedding AI directly into the browser to recognize and block scam websites as soon as users land on them. This marks a critical shift in how browsers respond to evolving scams-real-time, behavior-based detection instead of reactive domain blocking.

What It Is / How It Works

Chrome's new anti-scam feature is powered by Gemini Nano, an on-device large language model (LLM) designed to work locally on the user's device-no cloud needed.

Here's how it will work in practice:

Detection in Real Time
As soon as you visit a webpage, Chrome's AI looks for telltale signs of tech support scams:
- Full-screen hijacking of the browser
- Warnings that your computer is infected
- Urgent prompts to call a "support" number
- Misuse of the Keyboard Lock API to disable the keyboard
Analysis of the Page's Intent
Instead of checking a database of known scam sites (which become outdated within minutes), Chrome uses the LLM to analyze the content and behavior of the page itself, looking for scam-like patterns.
Server-Side Validation
If the AI flags the page, Chrome sends its findings to Google's Safe Browsing servers. If confirmed as a scam, Chrome immediately blocks the page and displays a full-screen warning, known as an "interstitial."

Google's decision to keep the LLM on-device makes detection faster and more private. It sees what you see, when you see it-a vital approach given that many scam sites only last 10 minutes or less.

How to Reduce Your Risk of Tech Support Scams

Even with Chrome's new feature, users should remain cautious. Here's what you can do now:

Enable Enhanced Safe Browsing
Go to Settings > Privacy and security > Security > Safe Browsing and turn on Enhanced Protection. This gives Chrome more aggressive scanning powers.
Know the Red Flags
Tech support scams often:
- Go full screen and freeze your browser
- Use flashing alerts and fake virus scans
- Show a phone number to call for "help"
- Claim to be Microsoft, Apple, or your antivirus provider
Never Call the Number on a Pop-Up
Legitimate companies never request that you call through pop-up warnings.
Force Close Your Browser
If you can't exit a scam site, use Ctrl + Shift + Esc (Windows) or Cmd + Option + Esc (Mac) to close the browser. Reopen it in Safe Mode or clear your cache.
Install Additional Protection
Use a browser extension like Malwarebytes Browser Guard to block scammy websites and trackers before they load.
Report Scam Pages
Help protect others by reporting scam websites to Google here.

How to Enable AI Scam Protection in Chrome 137

Once version 137 rolls out:

Update Chrome through Settings > About Chrome.
Ensure Enhanced Protection is enabled.
Look under Privacy and security > Safe Browsing to confirm the new AI detection is turned on (this may be toggled on by default).
No extra installations needed-the Gemini Nano model runs on-device, automatically.

Chrome's Use of the Keyboard Lock API: A Smart Detection Angle

One detail that sets Google's approach apart is their monitoring of Keyboard Lock API usage. Originally built to improve gaming and app experiences in browsers, this API has been repurposed by scammers to prevent you from pressing escape or switching tabs.

Chrome's LLM is trained to identify abnormal uses of this API-especially when combined with full-screen popups and fake security alerts. This clever behavioral detection makes the browser far more aware of trap-like behavior, not just malicious code.

Why Local AI Detection Matters More Than Ever

What makes this move especially effective is where the AI lives-on your device. Unlike traditional blacklist approaches that rely on a server scanning URLs, on-device AI allows Chrome to spot fraud the moment you land on it, without waiting for a centralized update. This is essential in an era where scam websites appear and vanish within minutes.

And while Google is taking the lead, users on other browsers aren't immune. Scam pages are platform-agnostic-people have reported tech support warnings even while using Safari on iPads or Firefox on Linux machines.

The Hidden Strength Behind the Chrome AI Update

Chrome's new system not only detects known scams but is designed to understand intent-even if the scammer changes wording, visuals, or domain. That behavioral understanding makes it adaptive, not just reactive-a powerful evolution in browser security.

Don't Wait for the Pop-Up: Stay Alert, Stay Updated

This update to Chrome is a promising move, but it's not a silver bullet. Scammers evolve, and while AI can help spot their tricks, user awareness remains the first line of defense. Update your browser, enable security features, and educate others who might fall prey to panic-inducing pop-ups.

Strengthen your digital defenses with my Cybersecurity Mindset Checklist—grab your free copy here: https://cyberlifecoach.gumroad.com/l/mindset-selfcheck.

If you're concerned about your overall online privacy and want a personalized assessment of your potential risks, you can schedule a free privacy consultation here