Browser extensions, often used by recruiters and sourcers, may pose a greater security risk than many realize. These tools can gain access to sensitive information such as passwords and browsing history, potentially allowing unwanted third parties access to your personal data. While some extensions may be safe for talent sourcing, it is important to be aware of the potential for them to be hijacked, putting your information at risk.
From an article on HowtoGeek.com: Chris Hoffman explains how extensions track you online. If the extension can access every webpage you visit it can capture passwords and credit card information saved. If the extension can scan receipts on different pages then it probably has permission to scan your emails. If the extensions requires access to Google then it could potentially have access to your gmail account. The extension themselves are safe but if they get hacked then your privacy information may be at risk and this includes saved candidate information as well.
Examples of recent attacks
A YouTube editor extension called Particle was sold to third party company. They turned the extension into a harmful adware malware tool. Another example, the Copyfish extension used for web developers was hijacked and then modified it to distribute spam correspondence to its users.
The list goes on in August of 2017: 8 other extensions got hacked putting over 4.8 million users at risk. Because some extensions gain access to everything you do online hackers have targeted these types of tools in the last few months. So, the tools that you may normally use in talent sourcing for finding contact information may potentially be at high-risk for these types of hacks in the future.
How to protect yourself
Use only trusted extensions. Research the extension, look into reviews and other trustworthy websites before you consider downloading the tool. Look at who created the extension and do your research! Consider updating your security-passwords on a monthly basis and buying security software for your computer. Also, here’s a list of free security extensions for your browser that are worth exploring further.
It’s good to be aware of potential risks when using these types of extension tools. We’ve had around a dozen cases of tools being hijacked in recent months. Overall, I recommend reviewing each extension that you’re currently using and if you’re not actively using it then consider disabling it in your browser settings.
Recommended Reading:
Review of Vettery a Marketplace Hiring Platform
Glenn Gutmacher Interview
My SourceCon Digital 2.0 Presentation
- Unleashing the Power of AI in Talent Sourcing: Meet Noon - May 17, 2024
- Demystifying Natural Language Search: Crafting Effective Boolean Strings - April 26, 2024
- The Art of Context: Why Rushing to Conclusions Can Lead Us Astray - April 25, 2024