Consumer Payment Card News

Autofill Functionality is for Stupid is as Stupid Does

The autofill function on your browser is convenient to help complete web forms quickly but did you know that many browsers will autofill hidden fields and provide a lot more data then you may be aware of? 

Earlier this month a web developer and hacker published how the autofill functionality on your browser such as Google Chrome, Safari, Internet Explorer, Opera and browser plugins like LastPass can be easily exploited into giving away far more data than you might intend simply by visiting a webpage.

How it works:

It starts when an end user visits a phishing site that may look a lot like a trusted website or may be the result of a phishing email directing an end user to a phishing lure page. The webpage will have a simple form or text box where the end user will enter basic data such as name or email address. At this point the browser’s autofill will attempt to auto-complete those fields in view and potentially several other hidden fields the user may not see collecting additional data such as: Credit Card, Social Security Number, Address, Phone, Etc.

With Phishing on the rise worldwide accounting for over 90% of data breaches and continuing to be the #1 end user hacking method, the Securecast team believes this recently publicized autofill vulnerability will present a serious risk to end users and organizations globally. Risks from Phishing include ransomware, username and password breach, identity fraud, financial loss from credit cards, W-2 breaches that leads to tax refund scams, wire fraud and data loss all start with a simple phishing attack and are amplified by this autofill risk.

Best practice suggests disabling autofill until browsers stop auto completing hidden fields.

Here are four ways you can help to protect older people in your community from financial exploitation:

1 Find a local network and attend their meetings and activities. Many networks conduct meetings to raise awareness about safety and common frauds and scams. Find out if there is a network in your community and when it meets by contacting your local sheriff, police department, or local Area Agency on Aging.

2 Share what you learn with others.  You can help your networks’ educational and prevention work by sharing the information with your family, friends, and neighbors. Check out this resource that others are passing on.

3 Lend a hand.  Many networks depend on volunteers to carry out their activities. Retired lawyers, bankers, teachers, police officers, and others serve as leaders and train others to detect, prevent, and respond to financial exploitation. Many volunteers also support their network’s educational work by reaching out to community and faith-based groups.  Many are serving as trainers for educational programs, such as Money Smart for Older Adults . Ask your local network if they need an extra hand.

4 Build a network. If you live in one of the nearly 2,300 counties without a network, create a network in your community. Learn more about existing networks and get some tips on how to start a network in your community.

MORE

Leave A Reply