Rogue Browser Extensions & Scams

Browser extensions are add-ons that people often use to improve the look and functionality of their web browser. However, among the good browser extensions, more rogue browser extensions seem to be popping up, and some users are installing them without realizing their potential risk to online privacy. In recent years, our computer repair shop has helped people who have been scammed through their phone or computer in some way. As we looked closely at each of the instance where someone was scammed, or almost got scammed – the common denominator in most of those cases was that the attacker knew something about the user’s recent online activities. Whether the user was trying to track a package, or contact support for an internet-based company – the attacker seemed to know enough information to come across to the user as legit. So, this raised the question of how the scammers were getting information about the user’s online activity?

Knowing the “how” is the key to preventing more scams of this nature. So, let us dive in.

Extensions Secretly Tracking Users Online

In the instances that we helped someone whose computer had been compromised, one thing that stood out is that the attacker seemed to know something about the user’s recent online activities. So, there had to have been a leak. What was interesting however was that there were no major threats on these computers –only a few seemingly innocent browser extensions.

Risky Browser Extensions

Digging further, I found that these browser extensions had permission to read the users search history, make changes to the user’s search settings, etc. With the right configuration, these rogue extensions could read or change your data on certain sites! Yet, some of the most commonly used computer protection software did not even flag these browser extensions as a potential risk. Anything the user searched for, or any sites that the user visited could be recorded by these rogue browser extensions. So, all it takes is having one of these malicious browser extensions to have an information leak! And that information in the wrong hands, with a bit of social engineering can be a source of trouble for unsuspecting computer users.

Malicious Extensions

Malicious browser extensions affect PCs and Apple (Mac)  computers alike. Mac users are not immune to this type of attack. Rogue browser extensions are a subtle type of threat that cyber criminals can use to collect data about the computer’s user without being obvious. Once an attacker has enough information about the computer’s user, they can usually execute a cunning confidence game on unsuspecting victims without raising any red flags.

The Solution

Not all browser extensions are malicious. You can find useful extensions that help you block ads for example, or help you lookup words. However, you have to do some research to find reputable browser extensions before you install them. On the other hand, rogue extensions are just trouble from the get go. They often pretend to be “useful” to the user in some way, while secretly collecting information about the user’s online activity. Sometimes they end up on the user’s browser through deception and they might remain unknown to the user until a computer whiz spots them.

If you suspect that you have rogue browser extensions, and you want to know how to get rid of unwanted extensions, check out our article on how to remove extensions. If you do not feel comfortable removing unwanted extensions by yourself, we encourage you to contact your local, trusted computer professional. They can help you remove the unwanted extensions and also help you configure your web browser’s privacy settings for better protection. If you found this information to be useful, pass it on. Thank you!