"Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit"

According to a new study published by experts from KU Leuven, Radboud University, and the University of Lausanne, users' email addresses are being exfiltrated to tracking, marketing, and analytics domains before they are sent and without prior consent from the users. The study crawled 2.8 million pages from the top 100 websites and discovered that 1,844 websites permitted trackers to capture email addresses before form submission in the European Union, compared to 2,950 when the same set of websites was viewed from the US. Furthermore, it was discovered that 52 websites were collecting passwords in the same way, an issue that has subsequently been addressed as a result of responsible disclosure. Some of the top third-party tracker domains to which email addresses have been communicated are LiveRamp, Taboola, Adobe, Verizon, Yandex, Meta Platforms, TikTok, Salesforce, Listrak, and Oracle, while Yandex, Mixpanel, and LogRocket top the list in the password-grabbing category. This article continues to discuss the interception of online forms by web trackers before users click submit. 

THN reports "Web Trackers Caught Intercepting Online Forms Even Before Users Hit Submit"