'You can't see' secret box on websites that steal your passwords and information

A common internet trick could put you at risk, security experts warn.

It's called autocomplete and you've probably used it, even if only by accident.

Be careful when using autocomplete; only use this if you trust the website you are entering information onCredit: Getty

This is when some of your information is stored in your web browser appsuch as your name, password or credit card details.

Your browser can detect when forms that accept this information are on websites and allow you to fill in the fields automatically.

It saves you from having to type in the same information over and over again, but cyber experts at McAfee warned that “many may not realize” the danger that comes with using this feature.

“As tempting as it is to use your browser's autofill feature to fill out a long form, this shortcut may not be secure,” cybersecurity giant McAfee warned in a special memo.

“Cybercriminals have found ways to obtain login credentials by inserting fake login boxes on a web page that users cannot see.

“So if you accept the option to autofill your username and password, you are also filling in these fake boxes.”

It can be tricky to stay safe from “invisible” boxes, so it's important to be generally cautious when browsing the web.

It's probably not a big risk if you enter information on highly reputable websites or in trusted apps.

But be extremely careful about giving out information (let alone using autofill) on unknown websites.

This is especially true if you followed an unsolicited link to get there.

'Criminals can eavesdrop on you', say experts who warn all iPhone and Android users not to log in with 'text codes' anymore

However, using a password manager is still good advice – so don't ditch Google Chrome's built-in system or Apple's iCloud Keychain just yet.

Make sure you are wary of the websites where you use autofill.

And if you're nervous but need to enter a login, consider, for example, viewing your password in the saved iCloud Keychain and typing it in manually.

BAD ADS

The security experts used the same report to warn about another sinister website scam called 'malvertising'.

“If a user clicks on a seemingly legitimate and well-placed ad, they risk exposing themselves to numerous online threats,” McAfee explains.

“These ads may be infected with malware, such as viruses or spyware.

“For example, hackers can exploit vulnerabilities in browsers to download malware, steal information about the device system, and gain control over its operation.”

If an ad looks suspicious, don't click it, especially if the ad makes outrageous claims or promises.

This is especially the case if you are already on a strange website that you are not familiar with, or if you ended up on this website by accident.