I've developed a few browser extensions, and every week I receive numerous emails with "revenue offer". Some experienced developers know that offers like these will inject malware into the browsers of your users, but scammers who make these offers will not tell you about it. They offer "integrations" that don't look so suspicious. Imagine how many developers have accepted these offers. Then look at the number of extensions in your browser and think about how much risk there is that you have an extension with malware.
I thought my ISP already had this data and is selling it. Should I go make sure all my extensions are 100% kosher?
Your ISP cannot read https data in transit. Extensions can because the page is now rendered on your local browser.
Thank you!