A “browser extension” is a program you can install for your internet browser (such as Chrome, Firefox, and Edge to name a few) to perform a specific function while you’re visiting web pages. Some extensions promise to stop advertisements and pop-ups, or make it easy to take screenshots, or display coupons while you’re shopping.
There are hundreds of thousands of browser extensions designed to help us to save time, be more productive, and personalize our online experience.
While most of them do what they’re supposed to do, some are designed to harm rather than help you.
Unfortunately, downloading a malicious browser extension without realizing it can reduce your productivity and inundate your work with unwanted advertising or, worse, compromise your security and privacy.
The most benign type of malicious browser extension is known as adware. It’s a form of malware (which is short for “malicious software”) that’s designed to bombard you with invasive ads.
This malware can also change your search engine to the developer’s own web page and, when you’re browsing the web or making purchases, send you to “affiliate pages” (these are web sites that will pay the malware developer a few cents for each new visit). This is how these developers generate revenue.
A recent report from a cybersecurity company revealed that more than 4 million of its customers have been attacked by adware concealed in browser extensions over the last couple of years.
And often people didn’t even know that they were under attack.
There’s a darker scenario in which these malicious extensions are hiding actual malware – which can infect your computer.
For instance, a common hacking tool that could be used is a keylogger. If this type of malware gets installed on your computer, every single keystroke that you type can be captured and sent to a hacker revealing your passwords, payment details, private communications, and a history of activity. You could also be infected ransomware, which starts to work behind the scenes as soon as it’s installed (again, most likely without you knowing it). If allowed to run freely, it will encrypt every file on your computer. The only way to decrypt the data is to pay the hacker a ransom so that they will (hopefully) send you a digital key to unlock your data. Unfortunately, many never get their data back, even after paying a hefty ransom. To make matters worse, many of these types of infections can spread across an entire network.
To keep your business and its data safe from the risk of malicious browser extensions, it’s important to only download extensions from reliable and trusted sources. Read reviews and look at ratings. If a browser extension seems too good to be true, it probably is.
As a business owner, there are also administrative steps and protections that should be seriously considered, such as limiting which extensions can be installed by your team.
We can help with implementing these types of protections, along with checking for other productivity and security risks and offering solutions. We are always working to keep abreast of the latest software protections to keep our customers safe.
Contact us if we can help in any way or if you’d like more information.
Published with permission from Your Tech Updates.
