Chrome extensions can seriously level up your browsing experience. They’re a big part of why Chrome is so popular, and why other browsers built on Chromium also support them.
But, there’s a catch. Not all extensions are created equal. Some can be downright dangerous, potentially exposing your device to nasty threats. We’re talking invasive permissions, data theft, malware, and even phishing scams. So, it’s super important to be a detective and check if a Chrome extension is safe before you hit that install button. Here’s how.
Method 1: Review your installed extensions
This is arguably the most effective method because you are checking the extensions that are already installed on your browser.
You can easily review your extensions by opening the Extensions page in Google Chrome. Here’s how:
- Type
chrome://extensions/in the address bar and hit Enter, or click on the three dots on the top right and go to ‘Extensions’ before clicking on ‘Manage extensions’.
- When the Extensions page opens, any problems, including security issues with your installed extensions will be flagged. You can disable or remove extensions from here by clicking on the toggle or the ‘Remove’ button respectively.
Method 2: Try a risk assessment utility
Risk assessment utilities are really powerful. They give you a detailed look under the hood of an extension.
Risk assessment utilities like CRXcavator can help you analyze Chrome extensions in multiple ways. You can use it to find out whether an extension will upload your data to other websites, what permissions it requires, whether it is using unsafe JavaScript libraries and more.
This helps you know absolutely everything about an extension before deciding whether to install. Chrome’s Enhanced Protection Mode also offers extra defense against online threats, including unsafe extensions.
Method 3: Check out the Editor’s picks on the store
The “Editor’s Picks” section on the Chrome Web Store can save you a lot of trouble.
You can discover some of the best extensions available on the Chrome Web Store in the Editor’s Picks section. What’s great about this section is that developers cannot advertise or promote their extensions in this section. An extension must be good, with a user-friendly design and a high average user rating to be featured here.
When you download an extension from the Editor’s Picks, Google has already given it the thumbs-up for safety. Plus, many of these extensions have badges that highlight their reliability, making it even easier to choose trustworthy options. And stick to official sources – avoid downloading extensions from third-party sites for the best security.
Method 4: Research the extension developer
Knowing who’s behind an extension can tell you a lot.
You can find many Chrome extensions on the Chrome Web Store, the official marketplace for extensions. While most are from genuine developers, you can also come across many extensions from non-trustworthy sources, which can be risky to install on your device. As explained before, such extensions can cause privacy violations, steal your data, and install adware and malware on your device.
Before installing an extension, do some digging on the developer. Check their description of the extension. If it’s vague or missing key details, that’s a red flag.
Look for a business registration number and contact information to see if they’re legit. And always read the privacy notice to understand how they’ll handle your data and whether they’ll share it.
Method 5: Take a look at third-party reviews
What are other users saying? Their experiences can be super helpful.
You can also find out whether an extension is trustworthy by checking out its reviews, and these reviews are available on the Chrome Web Store itself. This can help you find out how many people trust and use the extension, making it easy to determine its reliability. The higher the rating, the more reliable the extension, but you should also check how many people have rated it.
Besides the star rating, read the actual reviews for more detailed insights. Steer clear of extensions with lots of negative reviews mentioning security, feature, or usability issues. Find alternatives with better reviews and higher ratings.
Method 6: Check whether the extension is updated frequently
Updates are crucial for security.
With new cyber threats emerging everywhere, updates are extremely important and can help keep your system safe. This is also true for extensions, and you should check whether an extension gets updated frequently to block security vulnerabilities and counter threats like malware.
If an extension hasn’t been updated in a while, it could leave you vulnerable. Frequent updates show that the developer is serious about security and actively fixes issues.
Method 7: Perform a scan for unsafe JavaScript libraries
This is a more technical check, but still important.
A JavaScript library refers to a collection of JavaScript code that makes it easy to develop or improve JavaScript-based applications, such as browser extensions. However, if the libraries are not secure, they can pose a serious threat to your system. For instance, hackers can rely on such libraries to take control of your browsing session or access your data.
You can find unsafe JavaScript libraries in Chrome extensions using tools like RetireJS, which relies on a database of regularly updated JavaScript libraries to determine weaknesses in your Chrome extensions. Additionally, it provides information about such weaknesses so you can decide whether to remove or continue using the extension.
Things to keep in mind
- It is also a good idea to regularly scan your system using a reliable antivirus program. This can help keep your device protected from threats and infections so you don’t have to deal with problems later on.
- While you may want to try out different extensions and see what they can do, you should remove the ones not needed from your device as soon as possible. Keeping only the extensions you need on your system can help minimize the risks your machine is exposed to.
- Always check the permissions that a Chrome extension requires before installing it. If you find an extension requiring too many permissions, look for an alternative option that provides the same functionality while needing fewer permissions.
- People with more technical knowledge can also check the source code of extensions using tools like Chrome Extension Source Viewer and analyze network trace files to determine whether an extension is safe to use or not.