Most browsers allow autofill or similar functions. After enabling this feature the browser will fill in fields the browser has seen from one of your sessions.
A researcher found a site that captured all user's personal information and sent this information to the requesting site. This information included that person's name, mail address, email address, credit card number, credit card expiration date, credit cart CCV etc. The web site displayed the autofill-ed information with a negative offset on the user's screen. Thus the user would be unaware that information was being sent since the negative offset fields was not seen on the screen.
The feature is handy and is different from a browser asking if the user wishes to have the browser save credit card information.
If you wish to disable this feature you will need to do this for each and every browser you might use.
Use each browser's help function to disable this setting (autofill, auto complete or similar) if you wish to add this protection.
No comments:
Post a Comment