Results 1 to 2 of 2

Thread: Your Browser's Autofill Data Can Be Phished, Here's How to Stay Safe

  1. #1 Your Browser's Autofill Data Can Be Phished, Here's How to Stay Safe 
    Elder stvnsprngr's Avatar United-States
    Join Date
    Jul 2009
    Location
    Portland, Oregon
    Posts
    9,414
    Thanks
    25,247
    Thanked
    32,301 Times

    Your Browser's Autofill Data Can Be Phished, Here's How to Stay Safe

    The autofill systems in browsers like Google Chrome, Safari, and Opera, as well as plugins like LastPass, can be easily tricked into giving away your information on web pages. Here’s how you can keep your personal information secure.

    Viljami Kuosmanen, a Finnish web developer and hacker, recently discovered the exploit and shared an example of it in action on GitHub. Basically, a phishing site will have text boxes where you enter some very basic information, like an email address or first name. But when you use your browser’s autofill system to fill out those boxes, the site uses hidden text boxes to collect additional autofill information you don’t realize you’re giving away. That information could be your home address, phone number, and even your credit card info.

    Click here to enlarge

    If you want to stay safe, you should always avoid sharing personal information and using utilities like LastPass on web sites you’re not completely sure of. Or you can turn off autofill completely in your browser of choice:

    In Chrome, click the three-dot “More” button in the top right > Settings > Show advanced settings > then uncheck “Enable Autofill to fill out web forms in a single click” under “Passwords and forms.”
    In Safari, go to Preferences > AutoFill > deselect all types of information you want Safari to automatically fill in.
    In Opera, click the Opera button, go to Settings > Privacy & security > scroll down to “Autofill” > uncheck “enable auto-filling of forms on webpages.”

    Mozilla Firefox is currently immune to this phishing exploit because it doesn’t have a multi-box autofill system yet. You can learn more about the exploit at the link below.

    How to Boost Your Phishing Detection Skills and Avoid Email Scams
    This Content Is Available To Members Only. Please Register Here

    This Content Is Available To Members Only. Please Register Here
    I am a temporary biological event existing in an indifferent universe.
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Reply With Quote   stvnsprngr is offline
     

  2. The Following 3 Users Say Thank You to stvnsprngr For This Useful Post:



  3. #2  
    One billion dollars RS-MMC's Avatar UK
    Join Date
    Oct 2008
    Posts
    3,175
    Thanks
    1,602
    Thanked
    10,236 Times
    Click here to enlarge
    "I'll have the strawberry and lime cooler. Medium."


    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Reply With Quote   RS-MMC is offline
     

  4. The Following User Says Thank You to RS-MMC For This Useful Post:


Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •