Not all extensions have a web page, but most do, at least for support requests/FAQs. Is there a contact option on the Chrome web store page which lets you email the developer? If there is one it's a good sign, but an absence of one doesn't mean it's a fake extension. We recommend using a content blocker when visiting these sites to avoid issues if the site is specifically prepared to attack decvices. Developer's Website and Contactĭoes the extension have its own web page? Visit it to learn more about it and maybe something about the developer. Pay attention to the developer name and click on it to see their other extensions. Sometimes, people get fooled by these and think it's from the company which makes the actual software. Malware developers resort to all sorts of tricks to infect users, and one of these is to use the logo (icon) of popular brands or applications. Irrelevant screenshots or very odd descriptions, on the other hand are all tell-tale signs of a malicious extension. Bad grammar or spelling mistakes may not be used as an indicator. Broken grammar or English may be seen as warning signs but since developers from all over the world publish extensions on the Store, some may be written by non-English natives. Web Store pageĪnalyze the extension's listing and see if it rings some alarm bells. Check out Martin's guide linked above for information on how to do that. Users who known JavaScript may also check the source of the extension. It is often easier to determine if an extension is shady or outright malicious if you have installed it as it may be the cause for visible unwanted changes or activity such as hijacking search engines, displaying advertisement or popups, or showing other behavior that was not mentioned in the extension's description. We will focus on steps that you may undertake before installing extensions. How to determine if a Google Chrome extension is safe You can check out Martin's guide on verifying Chrome extensions, and there especially the part on looking at the source. Note: The guide provides additional information on checking whether Chrome extensions are (likely) safe to use. There have been many cases of malicious add-ons which have been taken down in the past after they were installed by millions of Chrome users in some cases. A cybersecurity firm that worked with BBC on the story confirmed that samples posted by the hackers included private messages from 81,000 accounts, but it discounted the hackers’ claim to have data from 120 million accounts.Just because an extension is on the Chrome web store doesn't mean it is safe to use. Consumer Reports has a Chrome browser extension that shows members the CR ratings for products we’ve tested when they view the items on several retailer websites.Īccording to the BBC, which uncovered the leak, cybercriminals offered to sell personal Facebook information on a hacker message board. “We have contacted browser makers to ensure that known malicious extensions are no longer available to download in their stores and to share information that could help identify additional extensions that may be related.”Įxtensions are small software programs that typically add useful functionality to web browsers such as Google Chrome, Mozilla Firefox, and Microsoft Edge, and are downloaded from online app stores hosted by these companies. “We believe this information was obtained through malicious browser extensions installed off of Facebook,” Guy Rosen, Facebook vice president of product management, tells Consumer Reports. That’s because Facebook says the data loss didn’t stem from a security breach of the social platform itself but rather from an extension people had loaded onto their computers. A recent leak of private Facebook messages, primarily in Europe, should remind consumers to be cautious when downloading and using web browser extensions, security experts say.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |