Chrome may be one of the most secure web browsers available today, but that doesn’t stop those with malicious intent from finding loopholes to exploit. Extensions are arguably one of the best features the browser, but sadly that has become an entry point for those seeking to take advantage of users. Some Chrome extensions have been found out to steal data, spy on users, and inundate users with lots of pop-up ads, just to name a few.
Just like apps on Android devices, Google Chrome extensions require a certain set of permissions – access to camera, microphone, and others – before it can be installed. Problems arise when users grant access without fully understanding the permissions.
Knowing that they could easily fool a portion of the online population, malicious makers ramp up publication of malware-infested extensions.
How to detect suspicious extensions
The Chrome store is filled with extensions and apps that make web browsing and other related activities more convenient. However, users must also be cautious about what they choose to install on Chrome. Just because it’s in the Chrome stores doesn’t mean it is completely “safe.”
Here are signs to look out for:
- Provides little to no information. Apps and extensions from known publishers provide basic information about what their product does. Clicking on a listing shows three tabs: Overview, Reviews, and Related.
The Overview should provide a clear description of what the product does, preferably with some screenshots. Reviews are hard to judge because some comments could be dubious at best, particularly if most of them are one liners exulting how “great” the product is. Use your best judgment here and if still in doubt, Google what has been said about the product.
- Needs invasive permissions. Always ask why a particular app or extension would need certain permissions. For instance, Malwarebytes came upon a calculator extension that required permission to read and change ALL data on websites a user visits. That’s highly suspicious for a calculator app.
- Offers promises that are too good to be true. Are you getting something free in return for installing the app? Are you going to be given access to videos in exchange for getting an extension? Treat these promises with caution because most of the time nothing good ever came from trusting makers of such products.
How to prevent being a malware victim
There are a couple things you can do, but the most important is to install apps or extensions from trusted sources or those that have been endorsed by trusted sources. Doing a bit of research before installing is one of the best ways to protect yourself online.
Google also continues to bake in security features into Chrome so keeping the browser updated helps keep you safe.
If you suspect yourself to be a victim of unwanted programs, download the Chrome Cleanup Tool to remove them. After that, reset your settings.
Google Chrome is one of the most sophisticated web browsers on the planet; it allows users to do many things besides surf the web. However, it’s not safe from being exploited by people wishing to do ill. This is why it’s important to keep it updated and only trust reputable sources.