Categories
Announcements Helpful Tips

How We are Building a Sustainable Business at GoFullPage

McAfee recently published a blog post about bad actors among browser extensions—here’s why we’re different

A recent investigation into malicious browser extensions

Last week, McAfee Labs’ Threat Research Team published a blog post about malicious browser extensions. It’s worth a read, as the investigation and its results are quite important. McAfee discovered that five extensions were inserting code into eCommerce websites, so that the extension authors could receive affiliate payments from their unknowing users.

Google Chrome acted swiftly and removed the storefronts of the offending extensions. But users who already have the extensions downloaded need to take the extra step to delete them.

Unfortunately, GoFullPage was mistaken by some users as one of the extensions in question, so we’re here to clear the air.

Copycats and bad actors

The Chrome Web Store GoFullPage Storefront as of September 2022: 63k+ reviews, 6M+ users

GoFullPage is a popular and widely trusted extension; we have over 6 million users and over 60,000 5-star reviews. Due to our brand recognition, there are extensions that copy elements of our UI, the language we use, and our original name (“Full Page Screen Capture“). These copycat extensions don’t always have the best of intentions.

In the McAfee blog post, the authors even mention that one of the malicious extensions:

borrows several phrases from another popular extension called GoFullPage

McAfee Labs

Borrowing our language and mirroring our title seems to have been a way to dupe some users into thinking they were using our extension.

We are constantly monitoring for copycats, and report offenders as soon as we’re aware of them. So far, the Edge and Chrome browsers have taken down every offender we’ve reported. Yet, extension users should also take extra care to make sure you are using a trusted extension.

GoFullPage or copycat?

Check name and ID

When comparing browser extensions, make sure to always compare the extension IDs, rather than the names. Here is a comparison of GoFullPage and the malicious actors’ Chrome Web Store names and extension IDs:

GoFullPageBad Actor Extension identified by McAfee
Storefront Name“GoFullPage – Full Page Screen Capture”“Full Page Screenshot Capture – Screenshotting”
Extension IDfdpohaocaechififmbbbbbknoalclaclpojgkmkfincpdkdgjepkmdekcahmckjp
The extension ID is the long string of characters at the end of the Chrome Web Store URL. You can also right-click on the extension icon and go to “Manage Extension”. This will bring you to a page that lists our identifying information.

Look at install count and reviews

You can also take a look at user counts, as extensions that have over one million users are less common and have stood the test of time and user scrutiny. For example, we have over 6 million users, while the bad-actor extension had 200 thousand users when they were identified and taken down.

Research the extension creator

Also, make sure to look into who is creating the extension and how long the extension has been in existence. In our case, we were originally published on the Chrome Web Store in November of 2012 (a very special anniversary is approaching for us!) and our founder published a blog post about the product in December of 2012. This information is readily available on our FAQ.

A transparent and sustainable business

We’ve discussed internally our values and intentions with GoFullPage, and feel very strongly that:

  1. We want to continue developing and improving GoFullPage as an indispensable tool for capturing the web exactly as it looks on a screen. We’re in it for the long haul!
  2. We take privacy very seriously, and will not use or abuse user data or unnecessary permissions as a source of revenue. GoFullPage only requests permissions when they are absolutely necessary for capture or download.
  3. We want our revenue sources to be transparent and sustainable—by creating products that are useful. We want our revenue to come from people who want and need our tools, and want to pay for them.

To this end, we launched a premium tool in October of 2019. We see our premium offering as an ethical way to support the extension, and as a way to remain independent without using spyware or scams.

We are very grateful to be trusted by so many across the web, and are working everyday to honor and keep our users’ trust. And we are grateful to security researchers like McAfee for independently identifying malicious actors 💪

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s