Cookie theft: From stolen credit card details to extortion
Thursday 29 July 2021 10:18 - Thursday 20 Dhu al-Hijjah 1442
New research discovers 2 billion stolen cookies that pose a risk to online shoppers and social media users
By: Ahmed Helmy
New research by NordLocker demonstrates that the cookies your browser stores when you visit various websites can get easily snatched by computer viruses. According to the latest discovery, over 2 billion cookies from popular online services like AliExpress, Amazon, Facebook, Dropbox, and YouTube were stolen from unaware users’ machines by custom Trojan malware.
“Cookies give you a tailored online experience with more relevant content. For example, online shopping cookies let the website keep track of all the items you place in your cart while you continue to browse,” explains Oliver Noble, a cybersecurity expert at NordLocker. “However, cookies can also help cybercriminals construct a detailed picture of you, including your location, interests, and habits. If hackers hijack your cookies, they might impersonate you and even get into your online accounts.”
How can cybercriminals use your cookies?
Cookies — small text files containing data about your interaction with a website — often get hacked when a user logs in to their online accounts over unprotected public Wi-Fi networks or unintentionally downloads malware onto their device. Different cookies store different data, which, when leaked, can cause different problems for a victim.
“Luckily, hackers won’t be able to empty your bank account with the cookies stolen from your online banking session due to strong security measures. However, bad actors can learn important details about the bank you use and timestamps of your transactions. This data can be used in phishing scams, when hackers contact unaware users pretending to be the bank’s representatives to trick their victims into giving away their personally identifiable information,” Oliver Noble explains.
Stolen cookies can be used in extortion scams, too. For example, NordLocker’s research found that malware stole millions of YouTube, Netflix, and Pornhub cookies. “In video streaming services, cookies provide you with an enjoyable experience as they remember what videos you’ve already watched and which ones you might be interested in watching next. However, they also reveal your location, timestamps, site preferences, and your search history – all of which could provide grounds for extortion if a hacker decided to share information with your employer that you’ve been watching inappropriate content during work hours,” warns Oliver Noble.
Cybercriminals pretending to be you on social media and sending spam to your contacts is unpleasant, but what is more worrying is when they get into your online accounts where you store your personal information, such as home address and credit card details. To avoid falling victim to cookie theft or session hijacking, you need to follow some cyber hygiene steps.
How to avoid risks associated with website cookies?
Don’t accept cookies. If you don't want cookies to hold information about you, decline them. Some websites won’t let you access their content, but, for the most part, you'll still be able to access the majority of the internet without accepting cookies.
Delete your cookies and block any future ones in your browser’s settings if you don’t like the idea of being tracked and traced.
Only accept cookies on sites you trust to be safe and secure. A little padlock symbol and a URL starting with “https://” (“s” stands for “secure”) mean that the connection between the website server and your web browser is encrypted.
Don’t store your valuable information in your online shopping accounts. It is better to spend another minute or two typing your credit card details and home address every time you shop online than to risk getting this information compromised in cookie theft.
Avoid insecure websites and unprotected public Wi-Fi networks. Use the latter for internet browsing only, but, if you must log in to your personal accounts, protect your connection with a VPN (virtual private network).