Do you know where your online cookies are going?
It may sound sweet and tasty, but we’re not talking about the edible kind. We’re talking about the web cookies that pop up occasionally and ask you to “Accept All” when you’re browsing.
A recent study from threat exposure management platform NordStellar, published by NordVPN, analyzed a set of 93.7 billion cookies circulating on the dark web to determine how they were stolen and the risks they pose to users.
The research revealed that almost three billion tracked cookies are from users in the Philippines, which places the country in sixth place, which is not something to be proud of.
What are cookies?
Cookies are like tiny notes that websites, like Google or Bing, leave on your web browser. They help websites remember things about you, like login information and shopping preferences, making your browsing experience faster, more convenient, and personalized.
These cookies differ in type. First-party cookies are created and stored by websites you visit, while third-party cookies are stored on your device by another website you are not visiting. Meanwhile, super cookies are harder to detect and remove, while zombie cookies are those capable of “respawning” even after you delete them.
Depending on the type and source of these web cookies, they can be harmless, but if they fall into the wrong hands, your cookie crumbs will leave a digital trail that can be used against you.
How web cookies get stolen
According to the study, nearly all harvested cookies are stolen using malware, such as infostealers, trojans, and keyloggers. The people behind would target and collect login information, cookies, saved browser passwords, and crypto wallets.
When cybercriminals access these cookies containing information such as names, email addresses, birthdays, and physical addresses, they could launch a personalized social engineering attack against you and more.
- How to report a text scam to the NTC
- How to avoid fake sellers on Shopee and Lazada
- What is ‘quishing’ and how can we avoid it?
Which platforms did the web cookies come from?
The research showed that stolen cookies are primarily scraped from major platforms, like Google and Microsoft, because it’s easier for threat actors to obtain more user information from them, such as email, files, calendars, and linked accounts.
The top companies that regularly track cookies include popular sites such as Google (4.5 billion), YouTube (1.3 billion), Microsoft (1.15 billion), and Bing (1 billion). Other popular sites that lead in tracking cookies are MSN, Amazon, LinkedIn, Yahoo, Facebook, and TikTok.
Among the tracked origins of the cookie activities, Brazil leads the pack with over 7 billion tracked cookies, followed by India with 6.1 billion, Indonesia with 4.5 billion, the US with 3.6 billion, and Vietnam with 3.23 billion. The Philippines ranks sixth with 2,992,516,467 (7.60% are still active).
Unsurprisingly, most cookies were scraped from Windows devices, since most malware targets the Windows OS.
What can attackers do with your online cookies?
The article also reiterates how attackers can use web cookies to skip login pages and pose problems to the user. However, the more alarming issue is that stolen cookies can also be used to:
- Take over your social media, email, or online shopping accounts.
- Impersonate you online by using saved logins or autofill information.
- Bypass two-factor authentication if the cookie marks a “trusted” device.
- Launch targeted phishing attacks using your personal information.
- Move laterally across the network.
- Access financial or customer data, and other sensitive information.
- Help deploy ransomware attacks.
How to protect yourself from cookie-related threats
Here are some suggestions to protect yourself:
- Think twice before accepting cookies.
- Get additional security tools.
- Clear your cookies regularly.
- Use a safer connection by avoiding public Wi-Fi networks.
- Use a VPN to encrypt your Internet traffic.
In a time when everything is online, we must protect ourselves from online threats by being educated about the possibilities. We are the weakest link in cybersecurity.