A malicious input form acquiring the contents is found before pushing the "send" button

ByThibault J.

A form for entering names, e-mail addresses, telephone numbers and the like is not uncommon on-line, but there are a number of things that have been acquired in the stage prior to pressing the "send" button to enter the information entered It became clear that it exists.

Before You Hit 'Submit,' This Company Has Already Logged Your Personal Data
http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081


WebSites Found Collecting Data from Online Forms Even Before You Click Submit
http://thehackernews.com/2017/06/online-form-privacy.html


America's number one online mortgage service · "Quicken LoansProvided byMortgage simulatorIs also one such information, such as the name, email address, phone number you enteredBase64Convert based on Ohio State before the user presses the "send" buttonNaviStoneThere was a mechanism hidden to send to the company's server called. By the way, this information knows that even if the user changed the mind halfway through the page and closed the page, it sent information.

According to Gizmodo, this Javascript code was used in online form on the website provided by education center, women's clothing shop and other retailers, in addition to Quicken Loans mentioned above. Provide extended function "BuiltWith Technology Profiler" to examine development environment of web serviceBuiltWith TechnologyAccording to, the number of sites you are using seems to exceed at least 100.

NaviStone received the coverage of Gizmodo and changed the system so that it does not acquire information until the user presses "send".

By the way, in terms of the risk that users are not stolen information unintentionally, it is pointed out by Viljami Kuosmanen, a web developer and a hacker, that the function of automatically entering information on the online form (auto-fill function) is also dangerous I will.

There is a danger of personal information being stolen secretly when using "AutoFill function" which automatically inputs name, mail address, address etc. - GIGAZINE