As the threat of fake browser extensions continues to escalate, internet users must get to grips with the tell-tale signs of a phoney browser application, as the convincing nature of these malicious extensions risks duping even the savviest of users. This is according to Ben Williams, senior director of ecosystems at Adblock Plus.
Last year, 37,000 users were tricked into installing a fake version of Adblock Plus, and this threat seems to have only accelerated, as new figures show that at least 20 million users have fallen victim to similar scams since. Google has moved to cut these infected extensions from its Web Store. But this is largely reactive, as fake extensions can only be spotted and responded to as they emerge, leaving some users at risk until Google’s moderation team is properly alerted. Because of this, consumers must maintain a sharp eye when looking to download any browser extension, to ensure its creators have legitimate intentions and can be trusted, as Williams says: “Unfortunately, the threat of fake browser extensions is now an increasing part of our online experience, and something that is unlikely to go away anytime soon. Because of this, the need to be vigilant when online is more important than ever. For users wanting to know how to spot a phoney extension there are signs to look out for.”
He says that scammers have become extremely creative when it comes to impersonating some of the most used extensions. “If you vaguely remember the name of an extension that you have been meaning to download, double-check its name through its website, and be certain that you are downloading the version with the correct spelling. This simple protocol will filter the majority of fraudulent extensions, as many scammers will try to piggyback off the popularity of other legitimate developers to secure as many downloads as possible. A slight variation in a name, whether that be in a space or a letter, can have a detrimental impact.
“Another giveaway is if a popular extension seems to be lacking in download numbers. Some fake extensions can gain quick momentum, and have what appears to be respectable download numbers, making their appearance even more convincing to the average user. Last year, the fake Adblock Plus extension gained around 37,000 downloads in just a few days, so it is understandable why so many people were deceived by its appearance. But when you consider that the legitimate extension has over ten million downloads on Google’s Web Store, this figure stands out as a red flag.
“Users should conduct as much research as possible into their prospective downloads, and ensure that all gathered information matches with the description listed on their application store. Any reliable web store will attribute a download to its developer, giving an accurate indication into an extension’s authenticity. Again, many criminals are highly skilled at impersonating reputable developers, so be sure to check for any slight variation in name, and click through to the website to check that it is from the original source.
“Consumers should not be left alone to tackle these problems, and more needs to be done to stop these types of malware from being advertised in the first place. Part of the problem sits with the fact that the verification process to make it onto Chrome’s Web Store has become largely automated, and it appears that this has come at the expense of the average user’s security.
“A solution might be to take a step back from machine verification, and revert to using humans to test new extensions manually. But this would take time and prove costly for Google, so in the meantime, users should deploy as many tactics as possible to ensure that they are not being duped into downloading malware. That way, users can continue to improve their online experiences by utilising new and exciting software, whilst keeping these threats at bay.”
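The three checks Williams describes (a slight variation in the name, an install count far below the genuine extension's, and the developer attribution) can be applied mechanically to a store listing. The Python sketch below is an added example, not code from Adblock Plus or Google; the listing fields, publisher strings, 0.85 similarity threshold and 1% install ratio are assumptions, and the sample listings are constructed.

```python
import unicodedata
from difflib import SequenceMatcher

# Constructed reference record for the extension the user means to install.
# The publisher string is illustrative; the install figure follows the article.
KNOWN = {"name": "Adblock Plus", "publisher": "adblockplus.org", "installs": 10_000_000}


def normalise(name: str) -> str:
    """Fold case, Unicode compatibility forms, spaces and punctuation."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(ch for ch in folded if ch.isalnum())


def name_similarity(a: str, b: str) -> float:
    """Similarity of two names after normalisation, from 0.0 to 1.0."""
    return SequenceMatcher(None, normalise(a), normalise(b)).ratio()


def assess(listing: dict, known: dict = KNOWN, threshold: float = 0.85) -> list[str]:
    """Return the warning signs a listing shows relative to the known extension."""
    if name_similarity(listing["name"], known["name"]) < threshold:
        return []  # unrelated extension: nothing to compare it against
    flags = []
    # A changed space, letter or capital while still resembling the real name.
    if listing["name"] != known["name"]:
        flags.append("name-variation")
    # The store attributes the listing to someone other than the real developer.
    if listing["publisher"].casefold() != known["publisher"].casefold():
        flags.append("publisher-mismatch")
    # Assumed cut-off: under 1% of the genuine extension's install count.
    if listing["installs"] < known["installs"] * 0.01:
        flags.append("low-installs")
    return flags


if __name__ == "__main__":
    # Constructed sample listings, not real store data.
    samples = [
        {"name": "Adblock Plus", "publisher": "adblockplus.org", "installs": 10_000_000},
        {"name": "AdBlock  Plus", "publisher": "constructed-dev.example", "installs": 37_000},
        {"name": "Adblock Plus", "publisher": "constructed-dev.example", "installs": 37_000},
    ]
    for s in samples:
        print(f'{s["name"]!r} by {s["publisher"]}: {assess(s) or "no warning signs"}')
```

An exact copy of the name still trips the publisher and install-count checks, which is why the name comparison alone is not sufficient.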