Google is adding a dose of AI to the Chrome browser to protect users from tech support scams.In a blog post, Google says a new version of Chrome arriving for desktops this month will tap “on-device” AI to flag and detect the scams in real-time. These schemes often appear through pop-ups that mimic security alerts to trick the user into thinking their computer has been infected with a virus. Sometimes, they display a phone number to call for help, but it's all a scheme to dupe victims into paying for fake tech support. Although these scams have been around for years, the scammers behind them are constantly adapting their tactics to prey on more users. This can include making the pop-ups automatically expand to full-screen and disabling the mouse input to create a “sense of crisis,” Google noted. Others have encountered pop-ups that play alarming audio messages, claiming the computer has been locked down. (Credit: PCMag/Michael Kan)In reality, no infection has occurred; the pop-ups are merely abusing browser functions. To fight back, Google is using Gemini Nano, a large language model that initially appeared on Pixel phones, to detect tech support scams on the browser. Gemini Nano is small enough to run on the device itself, enabling it to flag threats in real-time. “We’ve found that the average malicious site exists for less than 10 minutes, so on-device protection allows us to detect and block attacks that haven't been crawled [by Google’s search engine] before,” the company says in the blog post.  Recommended by Our Editors(Credit: Google)The Gemini Nano model will activate when Chrome navigates to a potentially malicious web page. Because tech support scams trigger certain browser processes, the Gemini Nano model can analyze the suspected malicious web page, including its intent. The data is then sent to Google’s Safe Browsing online service for a “final verdict,” which will determine if Chrome should serve a warning telling the user about the potential threat. The approach might raise concerns about Gemini Nano draining resources or invading users' privacy. But Google says it’s come up with guardrails to address such concerns. “In addition to ensuring that the LLM is only triggered sparingly and run locally on the device, we carefully manage resource consumption by considering the number of tokens used, running the process asynchronously to avoid interrupting browser activity, and implementing throttling and quota enforcement mechanisms to limit GPU usage,” the company explains.It also looks like users can opt-out. Google says the LLM-summarized security signals are only sent to its Safe Browsing service “for users who have opted-in to the Enhanced Protection mode of Safe Browsing in Chrome, giving them protection against threats Google may not have seen before.” (Credit: Google)Meanwhile, users who’ve gone into Chrome's settings and picked the normal or no protection mode won’t have any large language model data sent to Google. But the company still notes: “Standard Protection users will also benefit indirectly from this feature as we add newly discovered dangerous sites to blocklists.”Google’s security implementation of Gemini Nano arrives in Chrome version 137 later this month. It comes shortly after Microsoft introduced a similar AI-powered capability for its Edge browser to detect and block “scareware” pop-ups.