Using autofill in your browser? You may be vulnerable to phishing attacks

Autofill turns a whole lot of tedious typing into a breezy single-click affair, but the simplicity may come at a cost.

Viljami Kuosmanen, a Finnish web developer, has discovered that when filling out information on Chrome, Safari or Opera web browsers, autofill may provide the website with stored information beyond what it's seemingly asking for. You may just see a box for your name and email address, but if you choose to autofill these two data fields, you might actually be sending over details about your address, phone number and even credit card.

Kuosmanen has created a simple website where you can witness the sneakiness for yourself. With only a name and email entry field to fill out, it seems unassuming, but through the use of several other hidden fields the site ends up collecting a whole heap of other details as well. Instead of using these details for nefarious purposes, Kuosmanen’s site just gives you raw output of the form data, which autofill has so generously provided it with.

If you find yourself using one of the aforementioned browsers, or any plugins or utilities with similar functionality such as LastPass, it could be worth having a look at disabling your autofill settings – or at the very least, avoid giving up even seemingly innocent information to dodgy looking sites.

Firefox users can rest easy for now as it does not yet support this kind of autofill, however you should keep an eye out for this in the future as it is said to be in development.

Harry Domanski
Harry is an Australian Journalist for TechRadar with an ear to the ground for future tech, and the other in front of a vintage amplifier. He likes stories told in charming ways, and content consumed through massive screens. He also likes to get his hands dirty with the ethics of the tech.