- People are roasting this ‘traditional’ take on marriage with a hilarious meme 2 Years Ago
- The internet just collectively realized that the Neopets of the world must be hungry Today 4:00 PM
- Alt-right message board 8chan was served a search warrant Today 3:06 PM
- O.J. Simpson just joined Twitter in the most bizarre fashion Today 1:20 PM
- Prominent phone-hacking firm says it can unlock any iPhone for law enforcement Today 12:39 PM
- Hundreds of police officers belong to extremist Facebook groups, investigation finds Today 9:31 AM
- How to watch Tyson Fury vs. Tom Schwarz online Today 8:00 AM
- ‘Late Night’ is a disappointing, tepid comedy Today 7:00 AM
- How to stream ‘Love It or List It’ for free Today 7:00 AM
- How to watch the 2019 Concacaf Gold Cup online for free Today 6:55 AM
- Borderlands 3 preview suggests the aging series can still hang with the cool kids Today 6:30 AM
- How to stream the 2019 College World Series for free Today 6:00 AM
- Police try to solve domestic violence by giving victims blunt kitchen knives Friday 5:40 PM
- Privacy activist Ola Bini detained for 2 months in Ecuador without charges Friday 5:01 PM
- Twitter says suspending ‘God’ for a pro-LGBTQ tweet was an ‘error’ Friday 4:14 PM
Your browser’s autofill feature could hand your credit card number to criminals
There’s a simple fix—but you’re not going to like it.
Your browser may be handing your most sensitive information over to criminals.
The problem, recently uncovered by Finnish developer Viljami Kuosmanen, lies in your browser’s autofill feature, which may divulge your personal information without you realizing it. And it affects Chrome, Safari, and Opera, as well as password managers that use autofill, like LastPass.
Designed to enter your data—name, address, email address, credit card numbers, and more—each time you fill out an online form, autofill features save time and help you avoid the tedious task of typing out your information. The problem, Kuosmanen found, arises if you find yourself on a malicious website without realizing it.
Here’s how it works, according to Kuosmanen’s findings: A cybercriminal tricks you into entering information into an online form on a fraudulent website—say, a webpage that looks like an online retailer but is actually run by the criminal. When you start to fill in one piece of information, your other information saved in your browser’s autofill populates other text boxes, potentially handing that data over to the digital thief. Particularly nefarious cybercriminals can hide the text boxes, meaning you wouldn’t see the leak of your information happening.
Of the browsers Kuosmanen tested, Firefox was the only one not affected by the autofill security bug simply because it does not currently include a multi-box autofill feature. However, Mozilla is currently working to add that feature, according the Guardian.
The best way to avoid falling victim to this bug is to disable the autofill feature. Annoying? Sure—but it’s a whole lot less frustrating than having your bank account drained by some thief.
Andrew Couts is the former editor of Layer 8, a section dedicated to the intersection of the Internet and the state—and the gaps in between. Prior to the Daily Dot, Couts served as features editor and features writer for Digital Trends, associate editor of TheWeek.com, and associate editor at Maxim magazine. When he’s not working, Couts can be found hiking with his German shepherds or blasting around on motorcycles.