University of South Florida

Information Technology

Updates

IT Security Warning: Malicious Chrome Extensions Targeting AI Users

  • January 14, 2026

Recent investigations have uncovered some third-party Google Chrome extensions that are impersonating legitimate AI tools and secretly stealing users’ data, including full ChatGPT and DeepSeek AI conversations, search information and browsing activity, and potentially sensitive financial and other information.  
 
Two currently identified extensions are:

  • Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI (ID:fnmihdojmnkclgjpcoonokmkhjpjechg)
  • AI Sidebar with Deepseek, ChatGPT, Claude, and more. (ID:inhcgfpbfdjbjogdfjbclgolkmhnooop) 
     

How to Protect Yourself

Remove suspicious extensions immediately 
Go to chrome://extensions/ and review everything installed. If you see either of the malicious extensions listed above, or any tool you don’t recognize, remove it. 
 
Be cautious with third‑party AI extensions 
Attackers increasingly impersonate popular AI tools and abuse trust in browser marketplaces. Even extensions with “Featured” or “Verified” badges may be weaponized. 
 
Only install software or digital assets from easily verified sources. Avoid sharing sensitive data with untrusted apps. 
If an extension claims to be an AI tool, always assume your activity may be monitored.


Explore Microsoft Copilot Chat

To support secure and responsible use of generative AI, the university provides Microsoft Copilot Chat at no cost to all students, faculty, and staff. This official, enterprise‑secured solution offers:

  • Chat-based AI assistance
  • Integrated data protection
  • No data collection for advertising or external model training
  • Built-in security aligned with our institutional policies

Learn more about the differences between popular generative AI tools here.

Because Copilot Chat is provided through our Microsoft 365 tenant, it operates within a controlled, compliant environment, entirely different from third‑party browser extensions with unknown data practices.


Think You May Have Been Compromised by a Third-Party Extension?

Please contact the IT Service Desk immediately if you believe you may have installed a corrupt or suspicious extension, even if it’s not one of those mentioned in this article.  

Return to article listing

Tags

Faculty, Staff, Student

Explore More Categories

About Department News

USF IT is an energetic, passionate and diverse team of experts focused on empowering students, faculty, staff and client partners with the technology and resources they need to be successful.