Control Browser Extensions with PerimeterX

What Are Browser Extensions?

Browser extensions are helper apps that users add from the Chrome store or other browser stores. These extensions provide useful functionality to browsers to manage your passwords or give you a shortcut to your web conferencing software and many other useful tools. Many extensions improve user productivity, which is why they are so popular. But, frequently hidden among the beneficial options, there exist malicious extensions that can do great harm such as accessing everything you type on every website. Malicious extensions, sometimes referred to as plugins, can pose serious threats to both privacy and security. There are thousands of extensions available for every popular browser. Price comparison and coupon extensions are some of the most downloaded, with millions of downloads and active users.

Why Can Browser Extensions Be Dangerous?

Browser extensions have security and privacy risks as shown by attacks that leverage them to harvest usernames, passwords and credit card data. Often installed as part of free anti-malware software, up to 20% of your website users could be infected by unwanted extensions, ad injections or browser malware. Some extensions such as price comparisons and coupons don’t pose a security threat to e-commerce and travel websites. They actually pose a bigger threat: altering the user's path to purchase on your site and redirecting the user to a competing site. These extensions can also facilitate affiliate referral fraud, redirecting a user back to your site with an affiliate code, that costs you money without adding value.

Many coupon extensions are advertised and promoted by reputable sites to online users. For example, a leading financial firm strongly recommends that its cardholders install wikibuy coupon extensions to get the best deal. Millions of dollars are spent by web marketing teams to optimize user navigation on a site, and to increase user engagement and ultimately conversions. The end result of price comparison and coupon extensions is often cart abandonment as a user leaves your site to pursue a better deal elsewhere.

Browser Extensions Remain an Unrecognized Problem

Many Chief Marketing Officers and Chief Digital Officers are often unaware of the problems created by these extensions. They may receive poor advice that browser extensions are an end-user problem and there is nothing they can do. Some security teams will tell you that content security policies (CSP) may work to fight malicious extensions, but CSPs are easily bypassed by extensions.

Users are going to use extensions - no matter their benefit or threat. You as the website owner should be aware of the pitfalls and damage that they cause to the user experience and use all the tools available to minimize their potential harm.

PerimeterX Page Defender Lets You Control Browser Extensions

PerimeterX Page Defender helps you keep your users on their intended path to purchase and preserves their experience on your website, no matter what extension the user has installed. If you want certain coupons to work, Page Defender is a flexible solution that lets you whitelist just the specific extensions that help your business.

Page Defender uses a PerimeterX detector that continuously learns about new browser extensions, malware and ad injections. It updates the PerimeterX sensor that runs on the user’s browser, at the source of the problem, with new intelligence. It therefore - remains constantly up-to-date without your team having to keep pace with the evolving browser extensions and ad injections! The frequent updates and the advanced machine-learning platform assures you best-in-class blocking and management capabilities.

Case Study

With over 2 million monthly visitors, and a 100 percent guarantee, it was critical to protect our customers from malicious and targeted browser-based injections while not impacting page load times or the browsing experience of users.
CIOleading e-commerce company

Read Case Study