"It is also possible for an attacker to take control over the profile pictures the user sees, swapping them for inappropriate content," researchers said.
"With a maximum child tax credit of $1,000 per child, that is a potentially significant return on investment," researchers said.
Uber says security bug that let hackers bypass two-factor authentication wasn't 'particularly severe'
The security researcher said Uber marked his bug report as "informative", which means it contains "useful information but did warrant an immediate action or fix".
Hackers frequently look to target and exploit curious users by tapping into trending issues, events in the news or widely publicised ones in their attacks.
Intel has disclosed that the patches were causing devices to reboot unexpectedly among other "unpredictable" behavior.
Clarke is the latest in a slew of US conservative political figures and reporters targeted by the Turkish hacking group.
Malicious websites used to generate password details for the fintech network "IOTA" are reportedly to blame for the theft of nearly $4 million from users' cryptocurrency wallets.
These Chrome and Firefox extensions can hijack browsers, spy on you and are almost impossible to remove
"Since both the Chrome and Firefox extensions mostly add themselves through forced installs, it's not always possible to avoid getting them," researchers said.
Over the past few years, DDoS attacks have become more sophisticated, common and cheaper to carry out as a popular tool in cybercriminals' arsenal.
The disclosure comes several days after users who purchased products on OnePlus' website reported credit card fraud earlier this month.
A 21-year-old computer hacker from the UK who made more than $700,000 by selling malware on the dark web has been jailed after being found guilty of multiple cybercrime charges.
High-risk vulnerabilities found in SinVR app leaked personally identifiable information of customers for around five days.