Extensions can add a lot of useful features on top of the standard functionalities provided by your browser. There are thousands of them – for games, shopping, work or productivity. At the same time, they can be much more dangerous than most people realize. “As in everything related to IT, there are good products and those that you would like to avoid. So the best thing you can do – always be cautious and never install anything without checking twice,” says Daniel Markuson, Digital Privacy Expert at NordVPN. “The most important steps before installing any browser extension should be checking if it comes from a trustworthy developer and source and how many access permissions it requests.”
The biggest problem with extensions is that they often require access to change or read everything you do online. If, for example, a browser extension is meant to manage your Google account, it may also be able to access your email, location data and other information. As mentioned before, not all browser extensions are bad, but you should be wary before choosing them.
“Even if a browser extension is valid, another problem is that many popular ones are later sold or hijacked. Then malware can be pushed through the automatic updates,” says Markuson. “This can happen because some extensions gain a lot of users, but their developers are not getting any money from it.”
How to use browser extensions safely
Browser extensions might be really convenient, so here are a few tips from Markuson on how to use them safely.
Don't use too many extensions: First of all, because using too many can affect your computer's performance. Secondly, as mentioned before, some extensions create a potential attack vector, so narrowing their number to the most essential ones might be a good idea. If you rarely use an extension, uninstall it.
Install only from the official stores: Make sure you download extensions for your browser only from a secure source, which usually means an official store. There's less chance to get a malicious one there. Also, check the developers of the extension beforehand. If it was created by some random guy, it's a good candidate to become malware (even if it is not at the moment).
Pay attention to the app permissions: If some of the required permissions seem unrelated or excessive, it might be an alarming signal. In such a case, better find another one that does the same job. This rule also applies to the add-ons you already have – if you are getting a new permission request, the extension might have been sold or hacked. By the way, don't forget to read reviews.
Use security solutions: Update your antivirus regularly and get a VPN. VPN keeps your private information safe from hackers and other cyber-criminals. Besides, it can detect and block many of the malicious websites and browser extensions that can do harm. VPN might be used as a native application for your device or as a browser extension, and that is one of the good ways to use extensions.
