Skip to main content

Everyone loves cookies--even cybercriminals

Everyone loves cookies--even cybercriminals

When you visit a site, probably for the first time or from a new device or browser, you will see an alert that mentions the site uses Cookies to offer you a more personalized experience and asks you if you are okay with it. Let’s admit it. A lot of us don’t even bother to read what the notification says before we click “Accept” and move on with our browsing.

Cookies are tiny information packets that store data related to your interaction and behavior on websites. It is like walking into your favorite local diner and having them serve up the “usual” instantly. Cookies, track your digital footprint on a website and allow the site to offer you a more personalized browsing experience. For example, let’s say you visited Amazon.com and looked at some cameras, perhaps you put one into your cart as well, but never checked out, or added one to your wishlist on the site. The next time the camera is on a sale, Amazon app sends you a notification about the price reduction. That happens with the help of cookies. And, that’s just one example. Cookies are not necessarily limited to shopping sites.You know how sometimes you can save your password for some sites, so you don’t have to type it or log in every time you visit the website? You are able to do that because of cookies. Any site can have cookies, though shopping and banking sites can’t function without them. These are known as session cookies and are absolutely indispensable, while some like persistent cookies make your web browsing experience more pleasant and the third party cookies, while not very pleasant, are used basically to facilitate online advertising. How do cookies become a security threat, then?

Cookies become a security threat when hackers get access to them. If hackers hijack your cookies, they can get access to your session, your passwords and other related online activities. Hackers sometimes create “Super Cookies” and “Zombie cookies” to steal information from authentic cookies. Such cookies are difficult to identify and delete and sometimes work like worms replicating themselves, thus making it more difficult to get rid of them. Hackers can also steal your cookies if they get access to your network or to the server of the website you are visiting. For example, if your bank’s or shopping website’s server was hacked into, chances are, the hacker has access to your cookies and thereby all your account details.

If you liked what you read, then check out our whitepaper, The cookie monster is coming for you, for a more detailed account of the threats posed by cookies and how you can manage them better.

Comments

Post a Comment

Popular posts from this blog

Access matters when things go to **and?)!

Access matters when things go to **&?)! The COVID-19 pandemic brought a multitude of lessons along with it, on both the personal and professional fronts. From the business perspective, the pandemic turned things upside down across almost every industry. One of the biggest trends that the pandemic brought was remote work. While working from home (WFH), or telecommuting as it was called earlier, existed in some industries, the pandemic made WFH mainstream for everyone. From doctor’s offices, to SMBs to IT companies, almost every industry had to resort to remote operations to stay in business. This shift from on-site, brick-and-mortar offices to WFH brought along with it some serious challenges. This blog discusses 2 ways businesses leveraged technology to overcome the various challenges businesses faced with the sudden shift to the remote work environment. Data access This was one of the first and foremost challenges. When shelter-in-place orders and lockdown restrictions were impos
Post a Comment
Read more

Stars of the show: Cloud and VOIP

Stars of the show: Cloud and VOIP Despite annoying challenges presented by the abrupt shift to the WFH model thanks to the pandemic, there were some tech heroes that saved the day. These two made WFH possible. The cloud The cloud is that platform whereby you outsource your data storage as well as many of your applications. With the cloud, your data and software applications are no longer physically located in a specific geographic location. Therefore, access is no longer tethered to a user's physical location. The cloud was the biggest game changer during the pandemic because it allowed businesses to get anytime, anywhere access to their data as well as critical applications. It wouldn’t be wrong to say that if it weren’t for the cloud, a lot of businesses wouldn’t have been able to survive the pandemic at all. VoIP Along with the cloud, VOIP proved to be one of the most critical elements when it came to business continuity during this pandemic. It revolutionized business commu
Post a Comment
Read more

Leave virus protection to your MSP Doctor

Leave virus protection to your MSP Doctor Cyberattacks on individuals and businesses for nasty purposes is nothing new. Stealing data, disrupting business, national activities, and just causing general mayhem has been going on for as long as there has been a digital world to attack. Ransomware, however, seems to stand out as a particularly unique and especially troublesome form of crime. For one thing, once an attack has happened, there is likely nothing to do to retrieve your data until you have given in to the demands of the criminals. As a small- to medium- sized business owner, you should never just rely on off-the shelf virus protection programs as the sole tool to protect your organization against cyber crime. In all cases you should rely on an IT professional to look at every aspect of your IT infrastructure to ensure that everything possible is being done to protect your data. Beyond that, ransomware attacks are a particularly troublesome form of crime that requires special
Post a Comment
Read more