A new scam is targeting people who publish Chrome extensions.
The scam arrives as an official-looking “copyright removal request” claiming your extension is about to be removed from the Chrome Web Store and that you have 48 hours to appeal.
It even looks personalized. After you enter your extension’s ID to “verify” it, the page pulls in your extension’s real name and icon. But it’s all part of a phishing attack designed to steal your Google username and password.
If attackers gain access to a developer account, they may be able to take over the extension, access developer resources, or potentially push malicious updates to users.
What’s actually going on
