The good, the bad and the ugly side of internet cookies
National Homemade Cookies Day is celebrated every Oct 1 in the US. So, if you're looking for a bit of indulgence today, take out the baking tray and make some delicious homemade cookies to satisfy your sweet tooth.
While you're busy deciding between chocolate chip and peanut butter, take a few minutes to familiarize yourself with the less aromatic kind of cookies -- the ones lingering in your browser.
This is how the cookie crumbles
HTTP cookies or web cookies are a vital browser feature that consists of small pieces of information stored on your computer every time you go online.
Whenever you visit a website, your browser automatically sends it a request. The web page replies with a cookie that is stored on your device, so the next time you land on the same page, your browser is immediately identified.
For example, some cookies store your website preferences, like language settings, personalized content for your shopping cart and your login information, whenever you hit "remember me" or "keep me logged in" when visiting a website.
Basically, cookies smooth out the web experience via session management, personalization and tracking. If you haven't cleared your browser cookies in a while, hundreds if not thousands of them are likely stored in your browser.
First-party vs third-party cookies
Whenever you land on a website, you're greeted by first-party cookies directly stored by the domain you visit. These first-party cookies let the website owner collect analytic data such as your settings, browser type, and device type to allow for a smooth user experience.
In comparison, third-party cookies are generated by domains or websites that are different from the one you land on. They are often linked to ads found on the page, letting advertisers and analytics companies track your browsing history and target you with ads.
Are browser cookies dangerous?
While most cookies are not harmful, tracking cookies can jeopardize user privacy because they can track an individual's browsing patterns and history.
Online tracking can have its perks, as it offers a streamlined user experience and ad-targeting based on your personal interests. However, websites and platforms sometimes mishandle user information, possibly leaving the user more vulnerable to cybercrime.
Online cookies can't directly infect your device with malware. They are basic text files that can’t deliver malicious code. However, a malicious attacker can exploit some exposed cookies to gain unauthorized access to web sessions and accounts. This is called “session hijacking” or “cookie hijacking.”
Whenever you log in to an online platform, the server will generate a temporary session cookie in your browser. An attack only needs to intercept this session cookie to carry out a session hijacking attack that will let him fool the server into believing his connection is the same as yours.
Once the threat actors have hijacked your session, they can do anything on your account, including purchase items, access personal and sensitive data, steal confidential corporate data, or drain your bank account.
Boosting security and privacy
Users should only access websites using HTTPS and avoid connecting to unsecured Wi-Fi networks.
Public Wi-Fi networks like those in a café, shopping mall or airport lounge put you at risk of session hijacking attacks. A malicious actor can sniff out network traffic and intercept your session cookies.
Never log in to an account holding sensitive data when you connect to public Wi-Fi. If you absolutely need to, use a VPN to protect your data. To play it safe, log out of accounts when you're done with an activity such as shopping.
Don't access links received via unsolicited emails or texts that ask you to log in to websites, and install a security solution on your device to protect against malicious cookie-stealing software infecting your system.
With Bitdefender Total Security users enjoy the best anti-malware protection and threat detection and response against e-threats across all major operating systems. The real-time protection feature included in our security software safeguards against e-threats, including viruses, worms, Trojans, ransomware, zero-day exploits and spyware, to keep you and your data safe.
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022
Cyber Tips for a Spook-Free Halloween
October 26, 2022
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022