Two-thirds of popular AI Chrome extensions could wreak havoc on user security if turned malicious, according to a new study by Incogni, a company that deals with data brokers. The study analyzed 70 popular AI-based Chrome extensions from 7 categories.
Here are the key findings:
- 69% of investigated extensions have a high risk impact — if turned malicious, they could be highly damaging to users’ cybersecurity.
- 10 out of 10 AI-powered writing extensions have a high risk impact.
- 10 out of 70 analyzed extensions have a high risk impact (could do a lot of harm) and a high risk likelihood (are more likely to turn malicious).
- Over 59% of the investigated extensions collect user data, with 44% of them collecting personally identifiable information (PII).
Risk impact is a measure based on the number of permissions an extension requires. According to the folks at Incogni, extensions with a low risk impact score can’t do much harm, even if they get into the wrong hands. Extensions with a high risk impact, on the other hand, could be highly damaging if they get into the wrong hands because of the data they can access.
“AI Chrome extensions offer undeniable convenience, but safeguarding your privacy and security should be a top priority,” says Darius Belejevas, head of Incogni. “Understanding the data you share with extensions and their reliability in keeping it safe is crucial. By being cautious in choosing AI Chrome extensions and staying informed about their potential risks, users can embrace the benefits of AI while safeguarding their personal information.”
