Common browser feature makes hackers’ jobs easier

Consider turning off this tool to enhance your company’s Internet security.

At the recent Black Hat security conference in Las Vegas, security researcher Jeremiah Grossman demonstrated how a malicious website could steal a user’s information by manipulating a web browsers’ form auto-complete function.

This type of hack is possible either by stealing form information the browser has saved, or by using JavaScript to simulate text events and record what the browser inputs.

Though auto-complete isn’t on by default in most browsers, when users fill out a form, they’re often asked if they’d like to turn it on. And, not surprisingly, many of them click yes.

Given the amount of sensitive information that can gleaned just from forms users fill out, experts recommend businesses disable auto-complete and keep browsers up-to-date to protect themselves from this kind of attack.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy