This post originally appeared on KnowBe4, June 3, 2021.
Malicious browser extensions often have fake positive reviews to garner trust from users, according to Brian Krebs. Krebs describes a phony Microsoft Authenticator extension in the Google Chrome Store that had five user reviews. Three were one-star reviews warning users that the extension was malware, while two were positive reviews praising the app’s convenience. Krebs also found that the developer of the app had made another phony app; that one had only positive reviews.
Krebs worked with Hao Nguyen, the developer of chrome-stats.com, to track the accounts behind the phony extensions and reviews.
“Like an ever-expanding Venn diagram, a review of the extensions commented on by each new fake reviewer found led to the discovery of even more phony reviewers and extensions,” Krebs writes. “In total, roughly 24 hours worth of digging through chrome-stats.com unearthed more than 100 positive reviews on a network of patently fraudulent extensions.”
Krebs and Nguyen identified 45 malicious browser extensions that had a collective total of nearly 100,000 downloads.
“The extensions spoofed a range of consumer brands, including Adobe, Amazon, Facebook, HBO, Microsoft, Roku, and Verizon,” Krebs writes. “Scouring the manifests for each of these other extensions in turn revealed that many of the same developers were tied to multiple apps being promoted by the same phony Google accounts. Some of the fake extensions have only a handful of downloads, but most have hundreds or thousands. A fake Microsoft Teams extension attracted 16,200 downloads in the roughly two months it was available from the Google store. A counterfeit version of CapCut, a professional video editing software suite, claimed nearly 24,000 downloads over a similar time period.”
Krebs notes that none of these apps request special permissions from users; instead, they trick users into entering sensitive information voluntarily.
Phishing scams pose significant and imminent threats and need to be taken seriously. Conducting regular simulated phishing exercises with a trusted partner empowers your employees to maintain a strong security posture.
As a trusted KnowBe4 partner, InfoSystems can help you get started with security awareness training. Contact us to get started.
For over 25 years, InfoSystems has provided reliable IT solutions to build and maintain strong and secure systems for both SMB and enterprise organizations. Headquartered in Chattanooga, TN, our trusted team of experts specializes in traditional infrastructure, IT optimization and cybersecurity services, as well as next-gen solutions such as hybrid cloud and artificial intelligence, from partners such as IBM, Dell Technologies, Red Hat, VMware and Cisco.