Chrome Extensions Stealing Your Data: The 2026 Blacklist

Q: Is Grammarly safe to use?

Incogni's 2026 report ranked Grammarly as one of the most potentially privacy-damaging popular extensions because it collects website content, personal communications, and user activity data including keystrokes. However, it has a low risk likelihood of malicious use. Users should review permissions and decide based on their privacy tolerance.

Q: How can I check if a Chrome extension is safe?

Go to chrome://extensions, click 'Details' on any extension, and review its permissions. Be cautious of extensions requesting 'scripting' (42% of AI extensions use this), 'activeTab', or access to 'all websites'. Also check the extension's reviews, developer reputation, and whether it's from a verified publisher.

52% of AI-powered Chrome extensions collect user data, according to Incogni's 2026 analysis of 442 extensions. Grammarly and QuillBot are flagged as the most privacy-damaging popular tools—collecting keystrokes, website content, and personal communications. Two malicious extensions already compromised 900,000 users by stealing ChatGPT and DeepSeek conversations every 30 minutes. Check your extensions now: chrome://extensions.

The Numbers Are Alarming

Incogni analyzed 442 AI-powered Chrome extensions for their 2026 privacy report. The findings should concern anyone who uses browser extensions—which is most of us.

Over half of these extensions collect some form of user data. 29% collect personally identifiable information. And 42% request "scripting" permissions—allowing them to read everything you type and see every page you visit.

52% Collect User Data

900K Users Compromised

115.5M Downloads Affected

The Malicious Extensions (Remove Immediately)

Security researchers at OX Security discovered two Chrome extensions actively stealing ChatGPT and DeepSeek conversations. Combined, they compromised 900,000 users:

"Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI" — 600,000 users
"AI Sidebar with Deepseek, ChatGPT, Claude, and more" — 300,000 users

These extensions exfiltrated complete conversation histories to remote servers every 30 minutes. Despite containing data-stealing malware, one even received Google's "Featured" badge.

Source

"This data can be weaponized for corporate espionage, identity theft, targeted phishing campaigns, or sold on underground forums."

— The Hacker News

Popular Extensions Flagged as High-Risk

Even legitimate, widely-used extensions pose privacy concerns. Incogni ranked Grammarly and QuillBot as "the most potentially privacy-damaging" among popular extensions (2M+ downloads).

Both collect:

Website content — Everything on pages you visit
Personal communications — Emails, messages, documents
User activity — Keystrokes, scrolling, navigation patterns

The report notes both have "very low risk likelihood" of malicious use—but the data collection itself is extensive. Users must decide if the utility outweighs the privacy cost.

Highest-Risk Extension Categories

According to Incogni, these extension categories pose the greatest privacy risk:

Programming and mathematical helpers — Most invasive category
Meeting assistants and audio transcribers — Access to sensitive conversations
Writing assistants — See everything you type
Translators — Extensive access, though lower misuse indicators

How to Protect Yourself

Take these steps to audit your Chrome extensions:

Review installed extensions — Go to chrome://extensions
Check permissions — Click "Details" on each extension
Remove suspicious extensions — Especially those with "scripting" or "all websites" access
Use Chrome's Safety Check — Settings → Privacy and security → Safety check
Enable Enhanced Safe Browsing — Warns about untrusted extensions

FAQ

Which Chrome extensions are stealing data in 2026?

Two malicious extensions were caught stealing ChatGPT conversations from 900,000 users: "Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI" (600K) and "AI Sidebar with Deepseek, ChatGPT, Claude, and more" (300K). Grammarly and QuillBot were also flagged as high privacy risk.

Is Grammarly safe to use?

Incogni ranked Grammarly as one of the most privacy-damaging popular extensions due to extensive data collection. However, it has low risk likelihood of malicious use. Review the permissions and decide based on your privacy tolerance.

How can I check if a Chrome extension is safe?

Go to chrome://extensions, click "Details" on any extension, and review permissions. Be cautious of "scripting", "activeTab", or "all websites" access. Check reviews and developer reputation.