Cybercriminals using malicious browser extensions to perpetrate Cyber Crime

Threat Summary

It has been observed that a large number of users have started installing browser extensions, and many such extensions are malicious, and use adware to target users with advertisements. The most common payloads carried by these malicious web browser extensions belong to adware families, which carry out snooping on browsing activity and promoting affiliate links.

Suggestions

1. Avoid downloading browser extensions from unofficial and unknown sources. Browser's official web store is a reliable source to download extensions.

2. Scrutinize user comments and reviews, and run a background check on the developer/publisher of the extension.

3. Review the privacy policy and data collection practices carefully before agreeing to them, as some extensions require permissions.

4. Periodically review the installed add-ons and extensions, remove any that you are unsure of how they were installed.

5. Report any such incidents on the cybercrime.gov.in portal and follow @CyberDost on Twitter, YouTube, Facebook, Instagram, Public, Koo and LinkedIn to know more about safety tips.