Autofill systems in multiple browsers, including Chrome, Safari, and Opera may be leaving you vulnerable to a phishing attack. Viljami Kuosmanen, a Finnish web developer, has found those systems autofill data in hidden text fields. This means that even if you only see basic fields for "name" and "email," the browser may hand over more data.
The same problem exists with some browser extensions, including LastPass.
An attacker could utilize this by displaying an innocuous set of fields for basic info while also collecting information users would be cautious about sharing.
Chrome's autofill is turned on by default and can provide email addresses, phone numbers, mailing addresses, some credit card info, and other pieces of info.
Mozilla's Firefox isn't affected.
0 Comments