07 November 19, 12:10
Quote:Continue Reading
When it comes to online security, you can never be too careful; this guide isn't about antivirus programs, firewalls or VPNs though, as it is about Chrome extensions.
Just because an extension is on the Chrome web store doesn't mean it is safe to use. There have been many cases of malicious add-ons which have been taken down in the past after they were installed by millions of Chrome users in some cases.
Note: The guide provides additional information on checking whether Chrome extensions are (likely) safe to use. You can check out Martin's guide on verifying Chrome extensions, and there especially the part on looking at the source.
How to determine if a Google Chrome extension is safe
We will focus on steps that you may undertake before installing extensions. It is often easier to determine if an extension is shady or outright malicious if you have installed it as it may be the cause for visible unwanted changes or activity such as hijacking search engines, displaying advertisement or popups, or showing other behavior that was not mentioned in the extension's description.
Users who known JavaScript may also check the source of the extension. Check out Martin's guide linked above for information on how to do that.
Web Store page
Analyze the extension's listing and see if it rings some alarm bells. Broken grammar or English may be seen as warning signs but since developers from all over the world publish extensions on the Store, some may be written by non-English natives. Bad grammar or spelling mistakes may not be used as an indicator. Irrelevant screenshots or very odd descriptions, on the other hand are all tell-tale signs of a malicious extension. These are quite rare though.
Logos
Malware developers resort to all sorts of tricks to infect users, and one of these is to use the logo (icon) of popular brands or applications. Sometimes, people get fooled by these and think it's from the company which makes the actual software. Pay attention to the developer name and click on it to see their other extensions.
Developer's Website and Contact
Does the extension have its own web page? Visit it to learn more about it and maybe something about the developer. We recommend using a content blocker when visiting these sites to avoid issues if the site is specifically prepared to attack decvices.
Not all extensions have a web page, but most do, at least for support requests/FAQs. Is there a contact option on the Chrome web store page which lets you email the developer? If there is one it's a good sign, but an absence of one doesn't mean it's a fake extension.
...
![[Image: Google-Chrome-extension-reviews.jpg]](https://www.ghacks.net/wp-content/uploads/2019/11/Google-Chrome-extension-reviews.jpg)