Today my Firefox browser version 57.0 updated my NoScript extension to version 10.1.1. When I logged on to Vanguard.com I saw warning messages about potential cross site scripting attacks from ******.fls.doubleclick.net to adservice.google.com. I simply clicked on the 'block' decision and continued my activities.When I performed a fund exchange I noticed the warning popup box contained the details of my transaction: account ID, fund name, city name, zip code, target bank, etc. This is potentially everything required for account hijacking. Luckily NoScript blocked it for me.I performed a nslookup on advervice.google.com, and it is in fact the same as pagead46.l.doubleclick.net. That also looked deceptive.I concluded that there is either a security issue at vanguard's web site, or I was infected with a browser based malware.My browser plugins include "Widevine Content Decryption Module provided by Google Inc.", and "OpenH264 Video Codec provided by Cisco Systems, Inc."any idea.?
I didn't find the right solution from the Internet.
Portions of the materials used are ®, (tm),(mr), and/or (mc) Epic Games, Inc., and/or copyrighted works of Epic Games, Inc., in the United States of America and elsewhere. All rights reserved, Epic Games, Inc. This material is not official and is not endorsed by Epic Games, Inc.