|Autofill Phishing Attacks|
The auto-fill systems in browsers such as Google Chrome, Opera, and Safari, plus plugins like LastPass, can be easily tricked into giving away your personal information on websites. The next few paragraphs will show you how to keep your personal data secure.
A web developer and hacker recently revealed the exploit and shared a sample of it in action. Essentially, a phishing site has text boxes that you can enter very basic information/data, such as an email address or name. However when you choose to use your browser’s auto-fill system to fill out the data in those boxes, the website uses hidden text boxes to assemble extra auto-fill information that you don’t even realize you’re giving away. This information could be anything from your phone number, credit card, or even your home address.
In order to protect yourself, you should always avoid sharing any personal information or using programs similar to LastPass on sites that you aren’t totally sure of. Another option is to completely turn off auto-fill in your browsers. Here are the steps to make these changes for Chrome, Safari, and Opera. Mozilla Firefox is the only one of that is immune from this phishing scam, since it doesn’t offer the auto-fill system at this time.
• Chrome: click the three-dot button in the top right corner then go to -Settings -Show advanced settings -once you are there you need to uncheck “Enable Auto-fill to fill out web forms in a single click” under “Passwords and forms.”
• Safari, click on Preferences -Auto-fill -then deselect any types of information you want Safari to automatically fill in.
• Opera: click the Opera button then go to Settings -Privacy -security -then you need to scroll down to “Auto-fill” -you want to uncheck “enable auto-filling of forms on webpages.”