One More Chrome Extension? You Need an Intervention! – Chrome Extensions Research

Our research shows that 1 in 2 Chrome extensions are poised to wreak havoc on your digital privacy and security. But what does that mean, exactly, and how did we get there?

Our researchers analyzed the data collection practices of 1,237 Chrome browser extensions, focusing on the Risk Impact and Risk Likelihood scores of each extension.

Key findings:

  • 1 in 2 (48.66%) Chrome extensions have a high or very high Risk Impact.
  • 1 in 4 (27%) Chrome extensions collect data.
  • Chrome extensions used for writing:
    • are the most data-hungry (79.5% collect at least one data point)
    • collect the most data types on average (2.5 data types).
    • the riskiest, asking for the most permissions, with one of the highest average Risk Impact scores (3.7/5.0).
  • Extensions in the Shopping category are among the most data-hungry (64.9% collect user data) and the most potentially harmful (with an average Risk Impact of 3.9/ 5.0).

Risk Impact is a measure of the potential consequences of an extension being or turning malicious, while Risk Likelihood refers to the probability that an extension is or may become malicious.1

Some Chrome extensions have access to virtually everything you do in your browser, including all your keystrokes. If an extension like this was to turn malicious or get compromised, a bad actor could spy on your every move and steal your login and payment details from any site you visit. These are the highest Risk Impact extensions.

Risk Impact is only half the story, though. While in use, an extension like Grammarly sees most of what you’re typing* (minus some sensitive fields), but the company behind it has a good track record of keeping user data safe. It has a high Risk Impact but low Risk Likelihood. It’s generally considered safe.

You might also come across an extension made by a fly-by-night developer with a history of questionable business practices that doesn’t require any suspicious permissions. So an extension like this would have a high Risk Likelihood but low Risk Impact and may well be relatively safe.

So, to assess the danger posed by your favorite Chrome extensions, you need to look at both Risk Impact and Risk Likelihood scores together. The safest extensions score low on both measures. The most obviously dangerous ones score high on both.

The bubble size represents the extensions count

The safest extensions have a low Risk Impact and low Risk Likelihood, while the most dangerous score highly on both measures. The vast majority fall somewhere in between these extremes and it’s up to the user to decide if they’re comfortable installing a given extension. Risk Impact won’t change without the user knowing, since the extension would have to request additional permissions, but Risk Likelihood can change without notice, for example when an extension changes hands The distribution [above/below] shows the proportions of extensions studied that are generally considered safe (teal), that should be installed with caution (yellow), generally avoided (pink), or that are not recommended (red).

Permissions are key

Almost half of the 1,237 Chrome extensions analyzed score highly on Risk Impact. Risk Impact is defined, first and foremost, by the permissions a given extension requires at installation. Some permissions are more potentially dangerous than others. 

According to Aleksandras Valentij, Information Security Officer at Surfshark:

“[Users should] be extremely cautious with browser extensions that require the following permissions: read and change all your data on all websites you visit, audio capture, browsing data, clipboard read, desktop capture, file system, geolocation, storage, and video capture.” 

Mr. Valentij goes on to add that:

“The general advice in such cases is to use common sense when granting permissions to browser extensions. For example, why would an ad blocker need audio capture access or access to your file system? If you have doubts, simply don’t use that particular add-on. There are plenty of alternatives for each add-on out there.”

Simply put, an extension can’t steal, share or “lose” data to which it doesn’t have access in the first place. Permissions can be used, either by the extension developer or third parties, to do everything from inserting affiliate IDs into shopping-site cookies2 to logging your every keystroke.

In developers we trust

Some extensions truly can’t function without certain permissions, even scary ones like clipboard read and browsing data. This is why it’s important to only use extensions from trusted developers. A trusted developer is one with a history of problem-free software development and high user ratings.

Seeking out trusted developers is neither easy nor foolproof, though. A previously above-board developer can turn bad actor, reviews can be bought or faked, and extensions can be compromised through no fault of the developer.

Doppelgänger extensions also complicate things. You might think you’re installing a tried, tested, and trusted extension when really it’s a malicious counterfeit. These are easy to fall for if you’re not very careful to match the extension and developer names exactly.

Finally, there’s a risk to downloading High Risk Impact extensions even from verified and trusted developers. Extensions, like any other proprietary software, can change hands without the user being made aware. You grant permissions to the extension, not its developer. A less-than-trustworthy company could then acquire the developer, publisher, or code base and do as it pleases with your data.

Adware vendors buying Chrome extensions and infecting them with adware and malware3 is a well-known practice. There are many examples of this, from the Particle extension takeover4 to smaller developers having their reputations dragged through the mud5. Even a generally reputable company buying out a beloved extension can cause widespread concern6.

Data collection is where it’s at

All this talk of risk and danger is a little abstract if we don’t look into exactly what kinds of data are being exposed and collected by these Chrome extensions. Over 1 in 4 of the extensions studied (27%) collect data on their users.

Below is a breakdown of this data by type and the percentage of extensions that collect it.

There’s no data here that isn’t a cause for concern. Any of this information can be used against you to devastating effect. Combining data from these categories is privacy-disrupting dynamite. It doesn’t take much imagination to see how pairing Personally Identifiable Information (PII) with health information, for example, can be used to invade your privacy.

Even “just” website content and location data can put you at risk. Say you spend some time looking up information on the legality of abortion procedures in your area and then make a couple of visits to a family planning clinic. In 2022, this can land you in a world of trouble7 you don’t need.

Then there’s the more typical criminal element: a malicious or compromised Chrome extension that has access to your every keystroke could be used to scrape your login and payment details. The sites you visit, the authentication information you use to log into them, and your credit card details are all right there on a silver platter.

Chrome extensions collecting the most data

If one or two data points can be devastating in the wrong hands, imagine what six or seven could do. Yet the top 10 data-collecting extensions collect exactly that much. They’re all Productivity and Shopping extensions.

Extensions that collect the most data, by category

The table below ranks all the categories studied by the % of extensions collecting data, the number of data types collected, and average risk metrics.

A whopping 65% of shopping extensions collect user data, at an average of 1.4 data types each. The combined average risk metrics are also the highest in this category, with an average Risk Impact of 3.9 and Risk Likelihood of 1.6.

Productivity, Search Tools, and Sports extensions vie for second place, with 32-35% of them collecting data, on average. Productivity extensions edge ahead with an average of 0.7 data types collected and the second-highest Risk Impact and Risk Likelihood pair of any category: 3.3 and 1.7, respectively.

Keep in mind that when dealing with averages like this, the differences within each category will be greater than those between categories. Still, on average, shopping extensions require more caution than other categories. They collect the most data by far and have the highest Risk Impact.

Extensions collecting the most data by use case

Another useful way to break down the data is to look at use cases. Filtering the results by keywords that speak to different use cases reveals clear deviations from the norm. Just over 1 in 4 (27%) of all Chrome extensions examined collect user data. Yet almost 4 in 5 (79.5%) of writing extensions do so.

So writers, bloggers, and language learners need to pay particular attention to how they augment their browsers. Especially given that writing extensions also collect the greatest number of data types (2.5 on average) and have one of the highest average Risk Impact scores (3.7/5.0).

Drilling down into the types of data writing extensions collect, we see that 56.4% collect PII (Personally Identifiable Information) and 33.3% collect location data. That’s a lot of trust to place in a company that’s looking to monetize its interactions with you. The table below shows the most data-hungry writing extensions.

The wildly popular Grammarly extension collects five data types, has a Risk Impact score of 4 out of 5, and boasts over 10,000,000 installs. Its Risk Likelihood is the lowest possible, but it’s not immune to being compromised by third parties, like state-sponsored hackers—no developer is.

Safety in Numbers?

Sticking to only the most popular Chrome extensions might seem like a good way to minimize risk. The data shows otherwise, though:

It turns out that more popular extensions are more likely to collect user data and collect more data types on average. Among the most popular extensions, 36% collect data, at an average of 0.9 data types. Only 20.7% of the least popular extensions collect data, with an average of 0.4 data types being collected.

The risk analysis shows an analogous correlation, with Risk Impact increasing with popularity:

So there’s really no substitute for looking into each extension individually before deciding whether to install it. We have some great tools and techniques to help you with this, but first, let’s look at some general best practices that we can glean from this research.

What we can learn from the worst of the worst 

The most dangerous Chrome extensions combine high Risk Impact with high Risk Likelihood. We found that, out of the 1,237 extensions we analyzed, 47 scored 4 or 5 on both of these measures.

The most common use cases among these 47 extensions are: increasing volume (5), refreshing tabs (5), watching videos in a floating window (5), translating (4), and screen recording (3).

Straight away you can see that they all have one thing in common: they’re useless additions to your browser, duplicating functions available in your operating system, the browser itself, or the given website or web app. No one needs any of these extensions. They wouldn’t be worth any level of risk, let alone the greatest level.

You can find the list of these high Risk Impact & high Risk Likelihood Chrome extensions at the bottom of this page.

Straight away you can see that they all have one thing in common: they’re useless additions to your browser, duplicating functions available in your operating system, the browser itself, or the given website or web app. No one needs any of these extensions. They wouldn’t be worth any level of risk, let alone the greatest level.

So what should you do when installing Chrome browser extensions?

First and foremost, ask yourself if you really need yet another extension. Does your operating system, browser, or some other piece of software you already have offer the same functionality? Search online and find out. It could save you from bloating your browser with risky extensions unnecessarily.

Generally speaking, the more extensions you have, the slower your browser and computer run. Some are real resource hogs, eating up RAM and CPU cycles like nobody’s business. More importantly, the odds of coming across a malicious Chrome extension8 or having one compromised stack as you add more of them to your browser.

If you’re convinced you need an extension to do whatever it is you’re doing, check its permission requirements and risk profile. Always double check you’re looking at the original extension by making sure the extension name, logo, and developer name match what you were expecting.

Check the risk profile of any extension on the Chrome Web Store

To check an extension’s risk profile, find it on the Chrome Stats9 website. Alternatively, here’s a one-click way to bring up the risk profile for any extension on the Chrome Web Store:

Setting it up takes less than a minute and will save you a lot of time if you’re a power user. All you need to do is add a bookmark that contains some simple JavaScript to your browser. Here’s a step-by-step guide:

  1. Click the star in your browser’s search bar (it doesn’t matter what page you’re on).

  2. Click “more.”
  3. Paste the following line of JavaScript into the URL field as shown below.



javascript:(function(){location.href=’https://chrome-stats.com/d/’ + window.location.href.replace(/https:\/\/.*\//g, “”);})();

Now go to the Chrome Web Store page of any extension, and you’ll be able to bring up the Chrome Stats page for that extension with a single click.

The extension looks a little too risky? Look for alternatives

Don’t shrug off any red flags or lingering doubts—whatever your need, it’s bound to have been addressed by other developers. To find similar extensions:

On the extension’s Chrome Web Store page click on “related.”

The gold standard in terms of minimal data collection is using Free and Open Source (FOSS) extensions, like Bitwarden10 and uBlock Origin11. Failing that, look for extensions that are marked as trusted by Google and have an acceptable risk profile on Chrome Stats.

Methodology

Our researchers analyzed 1,237 Google Chrome extensions available on the Chrome Web Store. These extensions all have at least 1,000 installs and fall under 56 use cases, from writing to gambling. Our analysis was focused on their risk profiles (scraped from Chrome Stats) and the nine data types that extensions can collect.

The extensions were analyzed according to their:

  • Category
  • Use case
  • Number of installs (<3,000; 3,000–9,999; 10,000–49,999; >=50,000)
  • Country of origin (for the extension developers that declared it)
  • Risk Impact and Risk Likelihood

Given that information on the collection and sale of user data is provided voluntarily through a declaration, the data on this aspect are assumed to represent the best case scenario.

References

  1. “Risk analysis,” ChromeStats, accessed October 25, 2022, https://docs.chrome-stats.com/analysis/risk-analysis.
     
  2. Sabrina Ortiz, “Malicious Google Chrome extensions affect 1.4 million users,” last modified August 31, 2022, https://www.zdnet.com/article/malicious-google-chrome-extensions-affect-1-4-million-users/.
  3. Ron Amadeo, “Adware vendors buy Chrome Extensions to send ad- and malware-filled updates,” last modified January 18, 2014, https://arstechnica.com/information-technology/2014/01/malware-vendors-buy-chrome-extensions-to-send-adware-filled-updates/.
  4. Catalin Cimpanu, “‘Particle’ Chrome Extension Sold to New Dev Who Immediately Turns It Into Adware,” last modified July 13, 2017, https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/.
  5. Amit Agarwal, “I sold a Chrome Extension but it was a bad decision,” last modified January 16, 2014, https://www.labnol.org/internet/sold-chrome-extension/28377/.
  6. Kevin Purdy, “Beloved browser extension acquired by non-beloved antivirus firm,” last modified September 9, 2022, https://arstechnica.com/gadgets/2022/09/beloved-browser-extension-acquired-by-non-beloved-antivirus-firm/.
  7. Bobby Allyn, “Privacy advocates fear Google will be used to prosecute abortion seekers,” last modified July 11, 2022, https://www.npr.org/2022/07/11/1110391316/google-data-abortion-prosecutions#:~:text=In%20the%20first,Times%20in%202019.
  8. “ChromeLoader Infects the Browser by Loading Malicious Extension,” BlackBerry Blog, last modified November 3, 2022, https://blogs.blackberry.com/en/2022/11/chromeloader-infects-the-browser-by-loading-malicious-extension.
  9. “ChromeStats,” Google, accessed October 24, 2022, https://chrome-stats.com/.
  10. “Move fast and securely with the password manager trusted by millions,” Bitwarden, accessed November 4, 2022, https://bitwarden.com/.
  11. “uBlock Origin – Free, open-source ad content blocker,” uBlock Origin, accessed November 4, 2022, https://ublockorigin.com/.

*Update from Grammarly:

“Grammarly only accesses the text users write while using our product to provide suggestions and is blocked from accessing anything typed in fields marked “sensitive,” such as credit card and password fields. Grammarly only checks the text users want it to, and they can always see what Grammarly is processing by the presence of the Grammarly widget. Users can also turn off Grammarly in any application at any time if they don’t want it to check a particular piece of text.”

Appendix: Highest risk Extensions and their alternatives

Here are some of the worst extensions and their less risky alternatives. Note that sometimes no extension at all is the better alternative.

Use case : Change your cursor
Apps Risk impact Risk likelihoood Permissions
Cute Food & Drinks Cursor 4 5 Read and change all your data on all websites
Alternatives to use:
Change My Cursor - better to avoid using an extension for this use case 1 2 None
Use case : Find cheap flights
Apps Risk impact Risk likelihood Permissions
shoopit - pay less for travel 4 4 Read and change all your data on all websites
Alternatives to use:
PlanMoreTrips - We Find The Cheapest Flights 3 1 Read and change all your data on a number of websites
Use case : Sound equalizer
Apps Risk impact Risk likelihood Permissions
Equalizer Professional 4 5 Read and change all your data on all websites
Alternatives to use:
no alternative - better to avoid using an extension for this use case
Use case : Lookup meaning of words
Apps Risk impact Risk likelihood Permissions
Dictionary - Synonyms, Definition, Translator 4 5 Read and change all your data on all websites
Alternatives to use:
Oxford Dictionary Lookup 1 1 None
Use case : Create and edit PDFs
Apps Risk impact Risk likelihood Permissions
PDF toolbox 4 5 Read and change all your data on all websites, Manage your downloads
Alternatives to use:
no alternative - better to avoid using an extension for this use case
Use case : Save songs from vk
Apps Risk impact Risk likelihood Permissions
Скачать музыку с ВК 4 5 Read and change all your data on all websites, Manage your downloads
Alternatives to use:
VK Music - audio saver (better to avoid any extensions for this use case) 3 1 Read and change all your data on VK.com
Use case : Browser game
Apps Risk impact Risk likelihood Permissions
Snake 4 5 Read and change all your data on all websites, Manage your downloads
Alternatives to use:
Snake 1 1 None
Use case : Video Downloader
Apps Risk impact Risk likelihood Permissions
Video Downloader Plus 4 5 removed from chrome
Alternatives to use:
no alternative - better avoid using an extension for this use case
Use case : Change browser settings
Apps Risk impact Risk likelihood Permissions
Microsoft Bing Homepage & Search for Chrome 4 5 Read and change all your data on all websites, Display notifications, Change your home page to:bing.com, Change your search settings to:bing.com, Change your start page to: bing.com
Alternatives to use:
no alternative - better change your browser settings yourself
Use case : Save songs from vk
Apps Risk impact Risk likelihood Permissions
Скачать музыку из ВК 4 5 Read and change all your data on all websites, Manage your downloads
Alternatives to use:
VK Music - audio saver (better to avoid any extensions for this use case) 3 1 Read and change all your data on VK.com
Use case : Block dangerous sites
Apps Risk impact Risk likelihood Permissions
Paranoid Web Extension 4 5 Read and change all your data on all websites
Alternatives to use:
no alternative - install a trusted Parental Control Software
Use case : Increases volume
Apps Risk impact Risk likelihood Permissions
Audio + Volume Booster & equalizer 4 5 Read and change all your data on all websites
Alternatives to use:
no alternative - better to avoid using an extension for this use case
Use case : Screen recorder
Apps Risk impact Risk likelihood Permissions
Scrcast screen recorder 4 5 Read and change all your data on all websites, Manage your downloads, Capture content of your screen
Alternatives to use:
Better to avoid using an extension for this use case - Use native Screenshot or QuickTime (Mac) or built-in Game bar
Use case : Video downloader for OK.ru
Apps Risk impact Risk likelihood Permissions
OK.ru Downloader (IDL Helper) 4 5 Read and change all your data on all websites
Alternatives to use:
no alternative - better to avoid using an extension for this use case
Use case : Image search on AliExpress
Apps Risk impact Risk likelihood Permissions
AliPrice Search by image for AE 4 4 Read and change all your data on all websites
Alternatives to use:
AliExpress Image Search 3 1 Read and change all your data on all aliexpress.com sites and shoppingcart.aliexpress.com
Use case : Video downloader
Apps Risk impact Risk likelihood Permissions
Video Downloader Wise 4 5 removed from chrome
Alternatives to use:
no alternative - better to avoid using an extension for this use case
Use case : Emoji
Apps Risk impact Risk likelihood Permissions
Emoji Keyboard- copy&past your emoji. 4 5 Read and change all your data on all websites
Alternatives to use:
Keyboard.cool - emoji & symbol keyboard 1 1 None
Use case : Wallpapers
Apps Risk impact Risk likelihood Permissions
MyStart Wallpapers New Tab Theme 4 4 Read and change all your data on all mystart.com websites. Replace the page you see when opening a new tab, Read your browsing history
Alternatives to use:
Nature Wallpapers HD video New Tab background (better to avoid any extensions for this use case) 2 1 Replace the page you see when opening a new tab, read a list of your most frequently visited sites.
Use case : Reference
Apps Risk impact Risk likelihood Permissions
PERRLA 4 4 Read and change all your data on a number of websites, Read your browsing history, Modify data you copy and paste
Alternatives to use:
no alternative - Consider using Google Scholar
Use case : Translator
Apps Risk impact Risk likelihood Permissions
Translator uLanguage - Translate, Dictionary 4 5 Read and change all your data on all websites
Alternatives to use:
Google Translate 3 1 Read and change all your data on all websites
Use case : Find music
Apps Risk impact Risk likelihood Permissions
Shazam: Identify songs from your browser 4 5 Read and change all your data on all websites
Alternatives to use:
Extension released recently, therefore there is not reputation info to correctly estimate likelihood.
Use case : VPN
Apps Risk impact Risk likelihood Permissions
Delta Free VPN 4 5 Read and change all your data on all websites
Alternatives to use:
Avoid free VPNs, research reputable VPN companies
Use case : Translator
Apps Risk impact Risk likelihood Permissions
Quick Translation 4 5 Read and change all your data on all websites
Alternatives to use:
Google Translate 3 1 Read and change all your data on all websites
Use case : Refresh tabs
Apps Risk impact Risk likelihood Permissions
Maxi Refresher 4 5 Read and change all your data on all websites
Alternatives to use:
Tab Auto Refresh - better avoid using an extension for this use case 1 2 None
Use case : Screen recorder
Apps Risk impact Risk likelihood Permissions
Screen Recorder & Editor for Chrome 4 5 Read and change all your data on all websites, Capture content of your screen
Alternatives to use:
Better to avoid using an extension for this use case - Use native Screenshot or QuickTime (Mac) or built-in Game bar
Use case : Watch videos in a floating window
Apps Risk impact Risk likelihood Permissions
Picture-in-Picture with Playback Controls 4 4 Read and change all your data on all websites
Alternatives to use:
Picture-in-Picture Extension (by Google) 3 1 Read and change all your data on all websites
Use case : Refresh tabs
Apps Risk impact Risk likelihood Permissions
Page Auto Refresh 4 5 Read and change all your data on all websites
Alternatives to use:
Tab Auto Refresh - (better to avoid any extensions for this use case) 1 2 None
Use case : Refresh tabs
Apps Risk impact Risk likelihood Permissions
Super Simple Auto Refresh 4 5 Read and change all your data on all websites, Display notifications
Alternatives to use:
Tab Auto Refresh - (better to avoid any extensions for this use case) 1 2 None
Use case : Extract leads from LinkedIn
Apps Risk impact Risk likelihood Permissions
LinkedRadar - LinkedIn Auto Connect Tool 4 5 Read and change all your data on all linkedin.com sites and all linkedradar.com sites, Read your browsing history
Alternatives to use:
Kendo-Linkedin Email Finder 3 2 Read and change all your data on all linkedin.com sites and historykendoemailapp.com
Use case : Refresh tabs
Apps Risk impact Risk likelihood Permissions
Auto Refresh Page 4 5 Read and change all your data on all websites, Display notifications
Alternatives to use:
Tab Auto Refresh - (better to avoid any extensions for this use case) 1 2 None
Use case : Translator
Apps Risk impact Risk likelihood Permissions
Ichigo Reader🍓: Translate Manga 4 5 Read and change all your data on all websites, Manage your downloads
Alternatives to use:
Google Translate 3 1 Read and change all your data on all websites
Use case : Watch videos in a floating window
Apps Risk impact Risk likelihood Permissions
Picture-in-Picture - (Floating Video) 4 5 Read and change all your data on all websites
Alternatives to use:
Picture-in-Picture Extension (by Google) 3 1 Read and change all your data on all websites
Use case : Extract leads from Google maps
Apps Risk impact Risk likelihood Permissions
Presto OSM lead extractor 4 4 Read and change all your data on all websites
Alternatives to use:
G-Recorder 3 2 Read and change all your data on www.google.com, Manage your downloads
Use case : Extract leads from LinkedIn
Apps Risk impact Risk likelihood Permissions
ShopifyHunt - Shopify store parser & spy 4 5 Read and change all your data on all websites
Alternatives to use:
Kendo-Linkedin Email Finder 3 2 Read and change all your data on all Linkedin.com sites and kendoemailapp.com
Use case : Watch videos in a floating window
Apps Risk impact Risk likelihood Permissions
Smooth Picture in picture 4 5 Read and change all your data on all websites
Alternatives to use:
Picture-in-Picture Extension (by Google) 3 1 Read and change all your data on all websites
Use case : Browser game
Apps Risk impact Risk likelihood Permissions
Flappy Bird Purple 4 5 Read and change all your data on all websites
Alternatives to use:
Flappy Bird Offline 1 1 None
Use case : Watch videos in a floating window
Apps Risk impact Risk likelihood Permissions
Simple PIP 4 5 Read and change all your data on all websites
Alternatives to use:
Picture-in-Picture Extension (by Google) 3 1 Read and change all your data on all websites
Use case : Increases volume
Apps Risk impact Risk likelihood Permissions
Nice Volume Booster 4 5 removed from chrome
Alternatives to use:
no alternative - better to avoid using an extension for this use case - use the built-in Sound control in the menu bar or Control Center (Mac) or Hardware and Sound section in your Control Panel (Windows)
Use case : Translator
Apps Risk impact Risk likelihood Permissions
Web Translator - Select to Translate 4 5 Read and change all your data on all websites, Display notifications
Alternatives to use:
Google Translate 3 1 Read and change all your data on all websites
Use case : Refresh tabs
Apps Risk impact Risk likelihood Permissions
Refresh Page - Auto tab refresh 4 5 Read and change all your data on all websites, Display notifications
Alternatives to use:
Tab Auto Refresh - better to avoid any extensions for this use case. Multiple tabs can be refreshed by selecting multiple tabs (hold SHIFT) and pressing CTRL + R (on Windows) 1 2 None
Use case : Watch videos in a floating window
Apps Risk impact Risk likelihood Permissions
Easy PiP 4 5 Read and change all your data on all websites
Alternatives to use:
Picture-in-Picture Extension (by Google) 3 1 Read and change all your data on all websites
Use case : Increases volume
Apps Risk impact Risk likelihood Permissions
Volume Amplifier 4 5 Read and change all your data on all websites
Alternatives to use:
no alternative - better to avoid using an extension for this use case
Use case : Increases volume
Apps Risk impact Risk likelihood Permissions
Volume Booster 5 5 Read and change all your data on all websites
Alternatives to use:
no alternative - better to avoid using an extension for this use case
Use case : Increases volume
Apps Risk impact Risk likelihood Permissions
Volume Booster 2022 - It's your sound control 5 5 Read and change all your data on all websites
Alternatives to use:
no alternative - better to avoid using an extension for this use case
Use case : VPN
Apps Risk impact Risk likelihood Permissions
Troywell VPN Pro - Fast and secure VPN 5 5 Read and change all your data on all websites, Display notifications, Manage your apps, extensions, and themes, Change your privacy-related settings
Alternatives to use:
Avoid free VPNs, research reputable VPN companies
Use case : Screen recorder
Apps Risk impact Risk likelihood Permissions
Screen Recorder 5 5 Read and change all your data on all websites, Capture content of your screen, Manage your downloads, Know your email address
Alternatives to use:
Better to avoid using an extension for this use case - Use native Screenshot or QuickTime (Mac) or built-in Game bar
Use case : Replace your New Tab Page with a personal dashboard
Apps Risk impact Risk likelihood Permissions
Home - New Tab Page 5 5 Read and change all your data on all websites, Replace the page you see when opening a new tab, Display notifications, Read and change your bookmarks, Manage your apps, extensions, and themes
Alternatives to use:
New tab page by start.me 2 1 Read and change all your data on start.me, Replace the page you see when opening a new tab

Next steps

Chrome extensions aren’t the only or even the worst offenders when it comes to your personal information getting into the wrong hands. Companies called data brokers specialize in gathering, compiling, and selling your information to anyone who’s willing to pay. Luckily, the presence of state data privacy laws means that you can opt out of each individual data broker, like Fast People Search, Fast Background Check, Nuwber, Innovis, Instantcheckmate, Clustrmaps, or Whitepages. Cybercriminals get their hands on your personal data and devise scams to get money or more valuable information from you, or both. Removing yourself from the internet is the nuclear option, but you need not go off-grid to make a real impact.

Is this article helpful?
YesNo
Scroll to Top