Welcome to #WeekendWisdom number 53. This week we’re going to talk about Dodgy Browser Extensions.
What is a browser extension?
They are also known as add-ons and they are utilities that can be added to your browser. Such as Google Chrome or Firefox or Microsoft Edge. They give you an additional functionality that was not there before.
So you might have something that might:
- mark-up a PDF file for you
- reads out some text through your speakers
- you’re using an adblocker
- you’re using your password manager, that will probably have a browser extension.
What are the risks?
The issue here is the risk that these browser extensions are able to see everything you’re doing in your browser. For example a browser extension that you’re using was developed by a single individual. They had created it and brought it up to where it is now and it became very popular. They may be approached by other people to give in an offer to take over that browser extension. If they had nefarious purposes in mind, they could then take over that extension. Then use it for things that you didn’t expect in the first place.
An example of Dodgy Browser Extensions
There’s a recent example with the “Nano Adblocker” extension. It had been taken over. The people who did that, they got it to go into people’s Instagram accounts and start liking hundreds of photos. Now that was nasty, but it was not the worst that they could possibly do.
So be very careful about how many browser extensions you have on in your browser. Try and restrict their access as much as possible.
So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.
How can L2 Cyber Security help you?
We offer a full range of training programmes, which can be delivered online or in-person*.
L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.
Contact us for more information at info@L2CyberSecurity.com.
*With appropriate social distancing and other health and safety measures adhered to.