> Chrome attempts to detect these lookalike domains by comparing the URL you visited with other URLs that are either very popular, or that you have visited previously. These checks all happen within Chrome -- Chrome does not communicate with Google to perform these checks.
“Very popular” does make it sound like they have preloaded some list of the top 1000 or whatever domains.
Chrome warns me about possible phishing when visiting this site: https://i.imgur.com/vinigSP.png
"Did you mean linkedin.com? Attackers sometimes mimic sites by making hard-to-see changes to the web address."
Clicking [Learn more] opens this: https://support.google.com/chrome/answer/99020?p=safety_tip&...