Using autofill in your browser? You may be vulnerable to phishing attacks
Find out if you're affected – and which browser's safe
Autofill turns a whole lot of tedious typing into a breezy single-click affair, but the simplicity may come at a cost.
Viljami Kuosmanen, a Finnish web developer, has discovered that when filling out information on Chrome, Safari or Opera web browsers, autofill may provide the website with stored information beyond what it's seemingly asking for. You may just see a box for your name and email address, but if you choose to autofill these two data fields, you might actually be sending over details about your address, phone number and even credit card.
Kuosmanen has created a simple website where you can witness the sneakiness for yourself. With only a name and email entry field to fill out, it seems unassuming, but through the use of several other hidden fields the site ends up collecting a whole heap of other details as well. Instead of using these details for nefarious purposes, Kuosmanen’s site just gives you raw output of the form data, which autofill has so generously provided it with.
If you find yourself using one of the aforementioned browsers, or any plugins or utilities with similar functionality such as LastPass, it could be worth having a look at disabling your autofill settings – or at the very least, avoid giving up even seemingly innocent information to dodgy looking sites.
Firefox users can rest easy for now as it does not yet support this kind of autofill, however you should keep an eye out for this in the future as it is said to be in development.
- After dealing with autofill, find out how else you can stay safe online
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.