The good and bad of browser extensions

Filed under: Internet Tips,Passwords,Security - Aug 20 2019

You likely spend most of the time on your computer using your web browser. Years ago the web browser was primarily used for reading news and email. Now we can do everything from grocery shopping, managing finances, word processing, and even work in browser-based versions of powerful business applications – without leaving a browser window. Part of what has made web browsers so useful – but also potentially hazardous – is the popularity of browser extensions.

Browser extensions are applications, often developed by third party developers, that users can download to expand the functionality of their web browsers. A few different extensions that we recommend can block ads, manage passwords, manage too many open browser tabs, or save web pages to Google Drive or Evernote – just to name a few. However there’s also an abundance of extensions that promise to do great things, yet cause far more trouble than they’re worth.

Some of these “bad” extensions just cause annoyances, displaying ads or automatically redirecting you to websites that you didn’t intend to browse to. Others are more malicious, spying on your browsing, stealing your data, or injecting malware into your system. What’s worse is that some extensions start out life perfectly legitimate, but then get bought by bad actors and become malicious.

Some of our most common calls for service are due to bad browser extensions. So how do you get the most out of browser extensions without falling prey to malicious ones? Here are 5 tips:

1. Be very wary of pop-ups advertising an extension.

Many users install extensions because they are prompted to in pop-up messages on websites. You always have the option to decline the extension, or close your browser to avoid installing a persistent installation prompt. If you didn’t go to a website looking to install an extension, it’s best to decline, since a large majority of the time the website is offering something that’s in their best interest – not yours.

2. Only download extensions from websites that you trust.

Do some research into the company behind the extension you’d like to download. Many extensions are developed by companies you know, such as Google or Microsoft, and these are generally safe. If you don’t recognize the vendor, be sure to read reviews of the extension on the browser’s extension interface – such as Chrome’s Web Store or Firefox’s Add-Ons page. Often malicious extensions will receive enough bad reviews to warn careful users away.

3. Take time to read all the fine print.

Whenever you’re downloading extensions, slow down to read all the messages your browser gives you about the extension. Chrome, for example, will show you exactly what information the extension will have access to, as pictured below.

In this example, you’d need to absolutely make sure that you want to give the extension – a third party app – access to “read and change all your data” and to “capture the content of your screen” before clicking “Add extension.”

4. Don’t download extensions bundled with other apps.

We’ve written before about the potential dangers of downloading/installing free software from the web. In many cases, free software applications will include browser extensions, which the user may download without paying attention, simply because they click “Next” on the installer window without reading the fine print. When downloading anything from the internet, always be sure to read every message carefully so that you are downloading only what you want and expect.

5. Monitor extension permissions

Be wary of any permission updates from extensions you already have installed. Pay attention to notifications about new permissions, especially if the extension has changed publishers.

6. Block or close prompts to allow websites to send notifications

Though not technically a browser extension – web browsers have enabled a “feature” to allow websites to pop-up notifications from a website, even when you’ve left that site. Though it may be useful to get notification alerts when you’re favorite news website is not open, or notifications about new email or Facebook activity – some untrustworthy websites have abused the feature and are causing excessive pop-ups for unrelated content. We recommend being very judicious if clicking to “allow” notifications, and only do so on websites that you know and trust. For more information read: How to block browser notification pop-ups.

Are you getting excessive pop-ups and getting redirected to websites that you didn’t intend to visit? Please contact us if you need help cleaning up your browser.

Print This Article Print This Article

Related posts (automatically generated):
  1. How to block browser notification pop-ups
  2. You May Not be Using All the Great Features of Your Browser
  3. Why Microsoft wants you to use their “Edge” browser
  4. Don’t rely only on Antivirus software to keep your computer virus-free