The Browser Setting Everyone Should Turn Off Right Now
We all owe a big high-five to whoever first figured out autocomplete. It's probably spared us from a collective lifetime spent repeatedly filling out tedious info every time we log into or sign up for a new account. Unfortunately, some lowlife hackers may be hijacking the feature in a number of the most popular browsers and jeopardizing your web experience.
Basically, scammers are putting hidden text boxes onto websites that are "auto-completed" on the sly with things like your address and credit card number, when all you thought you were doing was submitting your name or email address. Fortunately, it's pretty easy to protect against.
The potential for such a phishing scam was first discovered by a Finnish developer, who realized that it's fairly simple to poach info from people by planting rogue text boxes on a particular target page. That's because many browsers' autofill systems work by automatically plugging in pertinent stored info -- your mailing address, phone numbers, credit cards, etc. -- into blank text boxes in an online form. By attempting the scheme himself, he found that would-be scammers could simply add additional "hidden" boxes to the page, and trick people into giving away more info than they intended to.
Affected browsers include biggies like Chrome, Safari, and Opera, as well as extensions like the password manager/form filler LastPass, which is perhaps an even more obvious target. So, if you're currently using any of these, it'd be wise to head to your Preference menu and temporarily disable the autofill feature until a security patch is pushed out.
Sign up here for our daily Thrillist email, and get your fix of the best in food/drink/fun.