Autofill Form Phishing

Autofill Form Phishing: How It Works

There's no doubt that advancement in technology has also made it easier for regular consumers to fall victim to scams. Most cybercrooks utilize everyday apps and programs to prey on unsuspecting people, taking advantage of one of the most important things that people usually take for granted: convenience.

A great example of this is the Autofill feature of our browsers. In case you don't know what that is, the Autofill is the system that fills out automatically your data in all the boxes of a form that you need to fill out online. It does it based on your same past action.

Autofill is installed in most browsers nowadays and is used to fill up form filled using information gotten from browsing history. It helps to save time when typing and makes it easier to input passwords and essential details. If you take a look at your browser settings, you'll find that Autofill is enabled to store different forms of data, including usernames, passwords, and even credit card information. That's how much it's designed to help, but how do scammers take advantage of this feature.

Unfortunately, scammers can turn this feature against you and gain access to your vital credentials through Autofill. How do you prevent this from happening to you? It's a piece of information that could save you from a lot of hassle.

How does the scam work?

Watch the video below to see an explanation of how criminals use the Autofill feature.

 

 

When trying to gain access to different websites, you start at the login page. This is where we get to input our username and password. Thanks to the Autofill feature, the browser will save any information inputted into these fields. Usually, this isn't a bad thing, but there's a catch. A cybercrook has included malicious code on the login page.

The installed code is designed to create a harmful copy of the login page and store any information stored there. Ordinarily, this copy of the form isn't visible to us but can be detected by the browser. When the browser does this, the autofill feature will do what it's designed to and fill it up with credentials. Without knowing it, these details get sent to the scammer.

From this point on, the process is completely under the control of a third party, through the invisible code that has been added to the website. Usually, the website host may be unaware of this – because this code could easily be included in a malicious ad on their page.

So what happens when you switch off the autofill feature?

autofill form phishing

 

When you disable the autofill feature, it becomes easier to control your activity online. Now, you have to input your details manually into the login page and click on the login button, even though the website may be compromised with a copy. The malicious code is still on the homepage and will look to steal your credentials like before. However, by switching off the autofill feature, the code doesn't just gain access to your details. You've saved yourself a lot of trouble and denied the scammers access to the information that could hurt you.

By turning off this useful feature, you guard yourself against the attack and put an end to this supposed vulnerability. To protect the data you input on the browser from unauthorized access, it's highly recommended that you disable Autofill in Chrome or any other platform you use. Let's see.

How to Turn Off Autofill on Chrome, Safari, Explorer, and Firefox

 

How to Disable Autofill Chrome

As a user of Google Chrome, you're not only advised to turn off these features but also to clear all stored data. You can do it by following these steps:

  1. Navigate to the Chrome menu by clicking the three dots at the top right corner of the screen.
  2. Click on the settings tab.
  3. Navigate to the autofill section and identify the area where you get to turn on and turn off the feature.
  4. Toggle the settings and switch it off. Your settings will be saved.

 

Delete Stored Autofill Data on Chrome

  1. Navigate to the Chrome menu by clicking the three dots at the top right corner of the screen.
  2. Click on history and click on the history tab that you'll find in the next menu.
  3. Click on “Clear browsing data”. It's possible to use the shortcuts, CTRL + SHIFT + DEL, to skip the first three steps.
  4. Choose to clear browsing data from the beginning of time to clear everything completely. If you don't do this, you may omit some important details that you input much earlier.
  5. Make sure that you've enabled “Clear saved autofill form-data'.
  6. Clear your browsing data.

disable autofill chrome

 

How to Turn Off the Autofill Feature on Safari

  1. Navigate to the Safari menu by clicking on the Safari icon at the top of the screen.
  2. Click on preferences.
  3. Select Autofill.
  4. Uncheck “Using Info from my contacts card/ address book card.”
  5. Next, select done.

 

Delete Stored Autofill Data on Safari

  1. Navigate to the Safari menu by clicking on the Safari icon at the top of the screen.
  2. Click on preferences.
  3. Select Autofill.
  4. Under the “Usernames and Passwords”, select edit.
  5. Click on “remove all” or identify any information stored for iClassPro.com and remove them manually.
  6. Select Done.

How to Disable the Autofill Feature on Internet Explorer

When using Internet Explorer, it's best not to inky turn off the autofill feature but to also clear any data related to it.

  1. Click on the Tools menu icon, which is located at the top right-hand corner of the screen.
  2. Select Internet Options.
  3. Click on the “Content” tab.
  4. Under the autocomplete section, click on settings.
  5. Under forms, uncheck “Forms and Usernames.”
  6. Click on OK in the autocomplete settings.
  7. Select OK in the Internet Options window.

 

Delete Stored Autofill Data on Internet Explorer

  1. Click on the Tools menu icon, which is located at the top right-hand corner of the screen.
  2. Select Internet Options.
  3. Click on the “Content” tab.
  4. Navigate to settings in the autocomplete section.
  5. At the bottom of the window, select Delete AutoComplete History.
  6. Check “Form Data and Password”.
  7. Select Delete.
  8. Click on OK in the autocomplete settings.
  9. Select OK in the Internet Options window.

How to Turn Off the Autofill Feature in Mozilla Firefox

On Mozilla Firefox, you have to turn off the autofill feature and clear it. You can do this according to the following steps:

  1. Click on the menu icon, which is located at the top right-hand corner of the screen.
  2. Click on options.
  3. Navigate to the “Privacy & Security”.
  4. Under the “Forms & Autofill” section, uncheck “Autofill addresses.” The system will save any changes that you've made.

 

Delete Stored Autofill Data on Mozilla Firefox

  1. Click on the Mozilla Firefox menu.
  2. Navigate to “Privacy and Security”.
  3. Navigate to the “History” section and click on the “Clear History” tab. It's possible to use the shortcuts, CTRL + SHIFT + DEL, to skip the first three steps.
  4. When choosing the “Time Range to clear,” click on “everything.”
  5. Ensure that you have ticked the “Form & Search” history.
  6. Click on clear now.

 

The duration to clear this data is entirely dependent on the amount of browsing history which you have managed to accumulate over time.

 

Autofill Form Phishing: How To Report

Warn your family and friends about the autofill phishing by sharing it on social media using the buttons provided. You can also officially report the scammers to the Federal Trade Commission using the link below:

Report To The FTC Here

 

How To Prevent Identity Theft and More

If you want to be the first to find out the most notorious scams every week, feel free to subscribe to the Scam Detector newsletter here. You'll receive periodic emails – we promise not to spam. Meanwhile, educate yourself with some other fraud-related articles right under this paragraph, so that you can protect yourself in many other aspects and niches. Last but not least, use the Comments section below to expose other scammers.

Here are some must-reads for the end:

Credit Card Fraud

How to Prevent Identity Theft

Securities Fraud Scam

What is Spear Phishing

Recruiting on LInkedIn Scam


Verify a website below

Are you just about to make a purchase online? See if the website is legit with our validator:

vldtr®

loding img
Searching: Domain age, Alexa rank, HTTPS valid, Blacklisting, SSL certificates, Source code, Location, IP address, WOT Trustworthiness, Spam reports, Advanced technology, Privacy Policy, Terms of Use, Contact options
identity theft protection

TOP 4 MUST-WATCH FRAUD PREVENTION VIDEOS

1. Top 5 Amazon Scams in 2024
 
2. Top 5 PayPal Scams in 2024
 
3. How To Spot a Scam Email in 2024
selma hrynchuk
Selma HrynchukSelma is a fraud prevention specialist renowned for her expertise in private eye investigations and a remarkable partnership with law enforcement agencies. Beyond her investigative triumphs, her public speaking engagements and written works have empowered countless individuals to protect themselves and stay ahead of deceptive schemes. Selma's legacy shines as a tenacious agent of change, unyielding in her commitment to battling fraud and ensuring a safer world for all.

Leave a Comment

Your email address will not be published. Required fields are marked *