The "I Know..." series of blog posts shows relatively simple tricks [malicious] websites can use to coax a browser into revealing information that it probably should not. Firewalls, anti-virus software, anti-phishing scam black lists, and even patching your browser was not going to help.
Fortunately, if you are using one of today’s latest and greatest browsers (Chrome, Firefox, Internet Explorer, Safari, etc.), these tricks, these attack techniques, mostly don’t work anymore. The unfortunate part is that they were by no means the only way to accomplish these feats.
- … Series Introduction
- …A LOT About Your Web Browser and Computer
- …The Country, Town, and City You Are Connecting From (IP Geolocation)
- …What Websites You Are Logged-In To (Login-Detection via CSRF)
- … I Know Your Name, and Probably a Whole Lot More (Deanonymization via Likejacking, Followjacking, etc.)
- … Who You Work For
- … Your [Corporate] Email Address, and more…
- … Summary and Guidance