Defending Vulnerable Populations Against Scams: Effectiveness of Browser Extensions in Mitigating Scammer Attack Chains

Online scams and phishing campaigns increasingly target vulnerable individuals at home, exploiting trust and limited technical awareness to execute multi-stage attack chains and steal thousands of dollars from victims. These users generally have few defenses—such as free email spam filters, admin credentials, and limited user education—offering up opportunities scammers will take advantage of.

This research evaluates the effectiveness of a browser extension as a security control—Grandma’s Guardian—designed for simplicity and accessibility so that even non-technical home users can benefit from enterprise-grade protection. The extension integrates domain allowlisting, MIME type allowlisting for web downloads, and semantic content filtering to proactively block malicious interactions from view of the user.

In controlled simulations of realistic scam scenarios, Grandma’s Guardian consistently prevented all tested attacks when occurring within a Chromium-based browser. These findings demonstrate that targeted, multi-layered browser-level controls can meaningfully reduce scam exposure for at-risk populations at home, with strong potential for broader application within any organization.