Here is a list of some of the security issues that browsers present.
- Browser History: The browser history is a mechanism to track the internet behaviour of users. This includes knowing what the user does on a site and which sites they visit. By getting accessing to these history files, the criminals can know which sites their target has been using. This knowledge on their part can also lead to phishing attacks against users and obtain the credentials, establishing purchase habits, payment history etc. There can also be cases of blackmail if the websites the user visited prove to be unethical or illegal.
- Saved login credentials: Saved logins and bookmarked pages for the sites visited are a combination that opens up newer possibilities for hackers. While some sites require two-factor authentication for logging in, many of them utilize it only as a one-time login verification method. Subsequent access to the website might go unchallenged and this is where the problem lies. With emails, an attacker can get into the personal information of the user, if he can access the saved credentials. If they can get the email address and a password, they can work their way into every information that a user may have classified as private.
- Autofill information: Autofill information can be dangerous too. Browsers can save you address and contact information, but what would happen if the device is hacked or stolen? An attacker will know where the user lives, what their address and phone number is, and other details that can give them away.
- Cookies: Cookies are files stored locally which can identify users and link them to sites. They are a major potential threat to any user. Cookies can divulge personal details about the user and help an attacker plan his next move. As mentioned previously, incognito or private mode will come in handy here too.
- Browser Cache: The browser cache involves storing portions of web pages for easier loading on subsequent visits, which can hint at which sites you have been on and what you have seen. Malware can be adjusted to take advantage of cache data as well.
- Redirects and pop-up ads: Pop-ups are not just annoying; they can also be malicious. They compel users to visit unsafe pages or download malware. Promising exciting gifts, lucrative offers and making it impossible for the window to be closed, they are an effective way for attackers to redirect the user. These kinds of threats operate out of their heavy reliance on users reacting impulsively.