We’ve all done it.
You find a shiny new browser extension that promises to make life easier — block ads, find discounts, boost productivity — and with one click, it’s installed.
Here’s the sting:
Some extensions are less about helping you, and more about helping hackers get a front-row seat to your online life.
Why Extensions Are Risky
• They sit inside your browser, often with permission to “read and change all your data on websites.”
• Many are made by small developers, with little oversight.
• Once installed, they can see passwords, messages, browsing history — basically, everything.
• Even legit extensions can be sold to dodgy companies who turn them into spyware later.
Real Example
In 2020, Google had to remove over 100 Chrome extensions after researchers found they were secretly stealing user data.
Millions of people had installed them, believing they were harmless tools.
Do This Today
- Review your extensions
Open your browser’s settings and delete anything you don’t use. - Check permissions
If an extension wants access it doesn’t need, that’s a red flag. - Stick to trusted sources
Only download from the official Chrome Web Store, Firefox Add-ons, or Edge Add-ons. - Update regularly
Developers patch bugs and security holes — but only if you keep extensions updated. - Be ruthless
The fewer extensions you have, the smaller your attack surface.
Key Takeaway
Browser extensions are like house guests — a few are helpful, but too many, or the wrong ones, and they’ll start snooping in every drawer.
At The Cyber Workshop, our Cyber Hygiene Workshop shows you how to spot risky add-ons, manage permissions, and keep your browser locked down without losing convenience.
Till next time,
Keep your browser lean, and don’t let dodgy extensions move in rent-free.
