{"id":5011,"date":"2026-03-29T10:36:49","date_gmt":"2026-03-29T10:36:49","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2026\/03\/29\/experts-sound-alarm-over-prompt-poaching-browser-extensions\/"},"modified":"2026-03-29T10:36:49","modified_gmt":"2026-03-29T10:36:49","slug":"experts-sound-alarm-over-prompt-poaching-browser-extensions","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2026\/03\/29\/experts-sound-alarm-over-prompt-poaching-browser-extensions\/","title":{"rendered":"Experts Sound Alarm Over \u201cPrompt Poaching\u201d Browser Extensions"},"content":{"rendered":"
\n

\"Photo<\/p>\n<\/div>\n

\n

Security experts have warned users to beware of malicious Chrome extensions designed to secretly monitor and exfiltrate users\u2019 AI conversations.<\/p>\n

Expel explained in a blog post, published on March 24, that it had observed \u201cseveral dozen\u201d incidents in the past month of so-called \u201cprompt poaching\u201d by legitimate-looking extensions.<\/p>\n

\u201cThe functionality is fairly straightforward \u2013 the browser extension monitors open tabs, and upon seeing an AI client loaded, will monitor for and collect questions and answers using API interception or DOM scraping,\u201d it said.<\/p>\n

\u201cThe extension will then package them up and send them to an external server run by the browser extension\u2019s developers.\u201d<\/p>\n

Read more on malicious browser extensions: Malicious Google Chrome Extensions Hijack Workday and Netsuite.<\/em><\/p>\n

There appear to be two main ways that scammers trick their victims.<\/p>\n

The first is to impersonate legitimate extensions, such as \u201cChat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI\u201d and \u201cTalk to ChatGPT\u201d from developer AITOPIA. A report from December last year claimed that two of these malicious extensions had accrued as many as 900,000 unwitting users.<\/p>\n

A second tactic is to develop and market a legitimate extension, and then insert malicious functionality once the user base has grown large enough. This is the case with the \u201cUrban VPN Proxy\u201d tool spotted by Expel.<\/p>\n

How to Minimize Prompt Poaching Risks<\/strong><\/h2>\n

The security vendor urged businesses to prohibit the downloading of AI-related browser extensions and ensure employee use of extensions in general is centrally managed.<\/p>\n

\u201cIt almost goes without saying that these plugins open the doors to several risks, including identity theft, targeted phishing campaigns, and sensitive data being put up for sale on underground forums,\u201d Expel warned.<\/p>\n

\u201cIn the case of organizations where employees may have unwittingly installed these extensions, they may have exposed intellectual property, customer data, or other confidential information.\u201d<\/p>\n

Expel recommended the following:<\/p>\n