- Unencrypted websites.
You shouldn’t accept cookies when you’re on an unencrypted website (a site where the lock icon beside the website address is not locked) If a website isn’t encrypted, there is no security to protect your data. This unsecured access may allow third parties like hackers to steal cookies from your browser, intercepting personal information you likely want to be kept private, like credit card and other private information, leaving you more vulnerable to online crimes like identity theft.
- Third-party cookies.
Not all cookies are the same. It’s a good idea to decline third-party cookies. If you don’t decline, the website could sell your browsing data to third parties. Sharing your personal information with third parties without giving you any control over it could also leave you vulnerable. For one thing, you don’t get to
- Flagged cookies.
Antivirus software may flag suspicious cookies, in which case you should not accept them (or you should delete them if you already have).
- Use of private information.
Cookie Usage gone wrong
In 2017, hackers took advantage of careless coding at Yahoo to gain access to 32 million user accounts by forging cookies that established logged-in sessions without requiring users to log in. However, most cookie-based attacks require the hacker to have control of the server or physical access to the PC on which the user’s cookies are stored. In those cases, a cookie vulnerability is the least of your worries.
Still, browser cookies are sent to and from your browser over the internet, which means they – like any data – could be intercepted and misused by inventive hackers. The security threat is small but measurable. And the digital data collection practices of advertising cookies represent a substantial privacy threat.
series of posts “Dough Not Agree”