by 
Right out of the box, Chrome is a capable—but somewhat plain—browser. The real excitement begins when youExplore all the awesome Chrome add-onsIf there’s a task that Chrome struggles with—or simply can’t handle—there’s a strong possibility that an extension exists to enhance its functionality. The number of such tools is vast, and they’re designed to fill in the gaps where Chrome falls short.Chrome extensions that enhance your productivity, Here are some Chrome extensions that can help you block websites:, and even Chrome extensions for gamersThat being said, not all Chrome extensions are worth adding, and some are even malicious. It feels like every month we hear about a dozen new Chrome extensions that distribute malware. However, even certain well-known extensions might not be worth installing, even if they don’t pose an immediate threat to your device.
A well-known case is Web of Trust, an add-on created to help users avoid unsafe websites. By 2016, researchers found out that the extension was collecting user browsing data with weak anonymization and selling it to third parties, all without users' consent. Although the extension reappeared in Firefox and Chrome stores after a brief removal, the trust had already been broken. Those familiar with Web of Trust's background are unlikely to use it today. Inspired by this, we’re now examining five widely-used Chrome extensions that you might recognize—or even be using—despite being potentially better off without them.
Read more: Top Smart Lock Brands Ranked from Least to Most Recommended
Paypal's Honey
PayPal's HoneyThe browser extension offered a compelling feature: searching for online coupon codes and automatically entering them during checkout. However, there may have been significant problems occurring behind the scenes. This came to light through a detailed investigation by YouTube creator MegaLag. He claimed that Honey was altering affiliate cookies from YouTubers, allowing the extension to claim credit for affiliate purchases instead of the creators who shared the links. This meant that not only (allegedly) was money being taken from affiliate links, but it was happening to YouTubers who were actually promoting Honey. In effect, Honey might have been compensating creators for promoting the service while secretly reclaiming part of the earnings generated through their efforts. That’s pretty shady.
Honey's users might have also been exploited. MegaLag found evidence suggesting that Honey engaged in under-the-table agreements with seller websites. It could have deliberately used weaker coupons (or acted as though no coupons were available) to let the websites earn more from each purchase, and those websites may have then shared a portion of the profits with Honey. Essentially, Honey was accused of siphoning money away from creators while delivering minimal or no real benefit to consumers. Neither of these actions is acceptable. Looking back, a free browser extension that automatically fills in coupon codes does seem like it might be too good to be true.
Since that disclosure, Honey has lost around 5 million users. It appears the background cookie manipulation was discreetly resolved, but the extension remains active. Devin Stone, an attorney who runs the YouTube channel LegalEagle, has filed a lawsuit against PayPal. Although PayPal has rejected the claims, we still recommend avoiding the use of the extension, as this situation might not be fully concluded.
Hola VPN
In our piece discussing theTop VPN services offered in 2025We emphasized the importance of avoiding free VPNs as much as possible. The problem with a free VPN is that, since you aren't paying for its service, it needs to generate revenue elsewhere. As a result, free VPNs often gather and sell your browsing data to make a profit.Hola VPNHola VPN, a widely used free virtual private network service, might have faced an even more significant issue. Instead of routing your connection through the VPN provider's own servers in specific locations like most traditional VPNs do, Hola operates on a peer-to-peer system. This setup allows users to access content by borrowing the IP addresses of other users located in the desired region.
So, your computer—whether you're actively using the extension or not—effectively turns into a server that random individuals can connect to as a VPN based on your location. Because VPNs promote anonymity for their users, the websites those strangers access could range from adult content at the milder end to significantly more concerning sites at the extreme. This situation isn't all that different from turning your device into an exit node for the Tor network.Dark web or deep webwebsites. Picture another Hola VPN user accessing a site with unlawful material or uploading their own illegal content; your ISP (or authorities) might mistakenly believe it was you accessing those sites.
Additionally, Hola VPN relies on the outdated IKEv2 encryption protocol. While IKEv2 isn't inherently flawed, it does prompt concerns about why Hola hasn't transitioned to more up-to-date encryption methods such as WireGuard. When paired with its questionable peer-to-peer network structure, security experts from the "Adios, Hola" site caution that the extension leaves users vulnerable to a correlation attack. Therefore, consider investing a few dollars each month in a premium VPN service or reassess your expectations regarding online security.A VPN truly helps maintain your anonymity online..
Grammarly
Grammarlyis essentially Chrome's default grammar checker extension and has held that position for years. We suggest removing it. The main concern relates to Grammarly's privacy policy. In order to provide its text correction, grammar suggestions, and AI capabilities, the service must temporarily store your writing on its servers for processing. Although Grammarly states that it encrypts your data and keeps it private, the bigger issue is whether you feel comfortable trusting them with your content.
The first concern is that privacy policies are frequently breached by the very companies that create them. Because Grammarly stores your text on its servers instead of handling it locally, there's no guarantee it will keep the data encrypted, refrain from accessing it, or actually delete it when requested. The fact that Grammarly doesn't implement end-to-end encryption—which would ensure that only you can access your data—means you have to trust the company’s claims. Secondly, Grammarly has faced a serious security flaw in the past. In 2018, a vulnerability was discovered that could have allowed hackers to access the personal information of all 22 million users, as reported byThe Register. Some of the Here are some of the most significant data breaches in internet history: 1. **Yahoo (2013)** – The largest known data breach affected all 3 billion Yahoo user accounts. Personal information, including names, email addresses, and security questions, was compromised. 2. **Marriott International (2018)** – A breach in the Starwood guest reservation system exposed the personal details of up to 500 million guests, including passport numbers and dates of birth. 3. **Facebook (2019)** – Over 533 million Facebook users' personal data, including phone numbers and email addresses, was scraped and shared on a hacker forum. 4. **eBay (2014)** – Hackers accessed the personal data of all 145 million eBay users, prompting the company to urge users to change their passwords. 5. **Equifax (2017)** – One of the largest credit reporting agencies suffered a breach that exposed sensitive data—including Social Security numbers—of approximately 147 million people. 6. **LinkedIn (2012)** – A breach resulted in the theft of 167 million user records, including email addresses and hashed passwords. 7. **AdultFriendFinder (2016)** – The breach exposed 412 million accounts across several websites owned by FriendFinder Networks, including AdultFriendFinder. 8. **Ashley Madison (2015)** – The cheating website was hacked, exposing the personal data of 36 million users, leading to widespread embarrassment and legal consequences. 9. **MySpace (2016)** – Although the breach occurred in 2013, it was discovered later. Data from 360 million accounts was stolen and offered for sale online. 10. **First American Financial Corporation (2019)** – A vulnerability exposed over 885 million sensitive documents containing bank account numbers, mortgage records, and Social Security numbers. These incidents highlight the importance of cybersecurity and the need for organizations to protect user data effectively.are also among the most recent, making it uncertain whether Grammarly might be targeted again in the future.
Third, and most crucially, Grammarly might be using your data to train its AI. Even with a paid Pro subscription, you must manually opt out of having your content used for AI model training. In an era where major tech companies like Meta are accused of using authors' works without permission to train AI chatbots—sometimes leading to those bots reproducing content word-for-word—it's understandable that writers would worry about Grammarly contributing their work to such models. We suggest relying on your computer’s built-in spell checker or exploring alternatives likeTop alternatives to Grammarly that can enhance your writing instead.
LastPass
You need to Start utilizing a password managerrelying solely on a single method for all your accounts, as this could create a potential security risk if that method is compromised.LastPassand its password autofill extension. LastPass used to be among the topthe best password managersIn addition to services like 1Password, Bitwarden, and Dashlane, it faced a serious data breach in 2022. Cybercriminals succeeded in stealing users' vaults and were able to decrypt portions of the stolen data. For those unfamiliar, vaults are where individuals store their passwords and other confidential information. Although the attackers did not gain full access to users' master passwords or password details, this incident left users vulnerable to focused attacks, including spear phishing and brute force dictionary attempts. Compounding the issue, this was the second data breach the company experienced that year.
The repercussions of the breach didn’t fully hit in 2022. In the years that followed, cybercriminals struck it rich, stealing millions of dollars in cryptocurrency from LastPass users. To be fair to LastPass, there's no concrete proof linking the crypto theft directly to the 2022 data breach. Still, even if the two incidents are entirely unrelated, it does little to reassure users.
No matter the situation, LastPass faces tough competition from companies that have better security histories and excellent Chrome extensions. You might want to try using the built-in password manager instead.Google Password Managerand you won’t need to mess around with extensions. EvenSamsung Passcomes with an extension. 1Password is known for offering the most comprehensive set of features, but for those seeking a free alternative, Bitwarden is tough to match — and it typically receives better ratings than 1Password.
Adblock Plus
Adblock Plus is likely the most popular ad blocker in existence. However, we recommend opting for an alternative. Why? The main issue lies with "acceptable ads." Essentially, an internal panel approves specific non-disruptive advertisements, including those that may interfere with your content. Adblock Plus argues that this system helps ensure websites and content creators earn income, as long as they maintain respect for users. The flaw in this reasoning is that you must trust AdBlock Plus, a company motivated by profit, to impartially determine which ads are genuinely intrusive.
Adblock Plus acknowledges that it can't ensure every acceptable ad fully complies with its standards — raising questions about what might be getting past the filters — and the company earns money from major websites to display ads to users. This setup suggests that companies paying to have their ads approved may receive preferential treatment. To give Adblock its due, it does offer the option to turn off the acceptable ads feature. Still, we'd suggest opting for a different adblocker that doesn't involve such trade-offs from the start.
It's somewhat peculiar that Adblock Plus remained mostly unaffected during the shift to Manifest v3, while the widely-used uBlock Origin had to fall back to a less capable alternative.uBlock Origin LiteThe shift to Manifest v3 was a highly controversial move. A lot of people didn't buy the argument that it enhanced security, believing instead that it benefited Google—an advertising company—by weakening ad blockers and safeguarding its income. It's interesting how quickly Adblock Plus, an ad blocker known for collaborating with ad firms, accepted the change.
Looking for the newest updates in technology and automotive trends?Sign up for our complimentary newsletterGet the latest headlines, expert guides, and helpful tips delivered straight to your inbox—one email at a time.
Read the original article on Tech Bytes Lab.
No comments:
Post a Comment