Google Chrome browser extensions are a handy tool for a variety of tasks: you can easily listen to music in a contact, download a video from a site, save a note, check your page for viruses, and more.
However, like any other program, Chrome extensions (and they represent code or a program running in a browser) are not always useful – they can easily intercept your passwords and personal information, display unwanted ads, and modify the pages of the sites you view and do not only that.
This article will focus on exactly what kind of threat extensions Google Chrome can pose, as well as how you can reduce the risks when using them.
Note: Mozilla Firefox extensions and add-ons for Internet Explorer can also be dangerous and everything described below applies to them to the same extent.
Permissions you grant to Google Chrome extensions
When you install Google Chrome extensions, the browser alerts you to what permissions you need to work on before installing.
For example, to extend the Adblock for Chrome extension, you need “Access your data on all sites” – this permission allows you to make changes to all the pages you’re viewing, in which case remove unwanted ads from them. However, other extensions can use this feature to embed code on sites that appear on the Internet or to trigger pop-up ads.
At the same time, it should be noted that most Chrome plug-ins need access to the data on the site – without it, many simply can not work and, as already mentioned, can be used for both operations and malicious purposes.
There is no absolutely safe way to avoid the dangers associated with permits. You can only advise to install extensions from the official Google Chrome store, pay attention to the number of people who installed it before you and their reviews (but this is not always reliable), while giving preference to add-ons from official developers.
Although the last item can be difficult for a beginner, for example, find out which of the Adblock extensions is not so simple (pay attention to the “Author” field in the information about it): there is Adblock Plus, Adblock Pro, Adblock Super and others. and on the main store page it can be advertised informally.
Where to download the necessary Chrome plugins
Downloading extensions is best done in the official Chrome Web Store at //chrome.google.com/webstore/category/extensions. Even in this case, the risk remains, although when put into action, they are tested.
But if you don’t follow the tips and search third-party sites where you can download Chrome bookmark extensions, Adblock, VK, and others and then download them from a third-party resource, chances are you’ll get something unwanted, that you can steal passwords, or show advertising and possible infliction of more serious damage.
By the way, I remembered one of my observations about the popular savefrom.net extension for downloading videos from sites (perhaps, the description is no longer relevant, but it was six months ago) – if you downloaded it from the official Google Chrome extension, then when downloaded a large video, a message is displayed that you want to install another version of the extension, but not from the store, but from savefrom.net. In addition, instructions are given on how to install it (by default, Google Chrome refused to install it for security reasons). In this case, I would not advise you to take risks.
Programs that install their own browser extensions
Many programs also install browser extensions when installed on your computer, including the popular Google Chrome: almost all antivirus programs, programs for downloading videos from the Internet, and many others.
However, Pirrit Suggestor Adware, Conduit Search, Webalta and others can be distributed in a similar way.
As a rule, after installing an extension with any program, Chrome browser reports this and you decide whether to enable it or not. If you don’t know exactly what he suggests, don’t include it.
Secure extensions can become dangerous.
Many extensions are made by individuals, not large development teams: this is due to the fact that their creation is relatively simple and, in addition, it is very easy to use the work of other people without starting everything from scratch.
As a result, some sort of Chrome plugin for VKontakte, bookmarks, or something else, made by a student developer, can become very popular. This can result in the following:
The developer himself decides to implement some undesirable for you, but profitable functions for himself in his expansion. In this case, the update will happen automatically, and you will not receive any notifications about it (if the permissions do not change).
There are companies that are specifically affiliated with the authors of such popular search engine add-ons and buy them back to embed their ads and anything else.
As you can see, installing a secure add-on in your browser does not guarantee that it will stay that way in the future.
How to reduce potential risks
There is no way to completely avoid the risks associated with enlargements, but I would make the following recommendations, which could reduce them:
Go to the Chrome extensions list and delete the unused ones. Sometimes you can find a list of 20-30, while the user does not even know what it is and why they are needed. To do this, click the Settings button in the browser – Tools – Extensions. Many of them not only increase the risk of malicious activity, but also cause the browser to slow down or not work properly.
Try to limit yourself to those add-ons that are developed by large official companies. Use the official Chrome Store.
If the second paragraph, in some large companies, is not applicable, then read the reviews carefully. In this case, if you see 20 enthusiastic reviews and 2 – reporting that the extension contains a virus or malware, it is most likely really there. Just not all users can see and notice.
Experts opinion have not forgotten anything. If the information was useful, do not be lazy to share it on social networks, it may be useful to someone else.