What are Computer Cookies, and Are They Considered Malware?
Table of Contents
- By Alison OLeary
- May 06, 2022
A lot goes on behind the scenes when you’re browsing the internet on your computer or mobile device. Much of the activity comes from cookies, which are devices that collect data on your browsing history. In total, the data is called your footprint, and the individual pieces collected are called crumbs. Every time you log on and open a browser, these cookies are activated.
What Do Cookies Do?
There are different types of cookies with different purposes. All track the data you leave behind when visiting websites. The top 50 websites in the United States place an average of 64 cookies on computers, for a total of more than 3,100 potential trackers.
Many cookies simply act as placeholders for your browsing activity. When you return to a website you’ve been to before, it recognizes you and can automatically fill in a form. These cookies offer a personalized experience that shows you more of what you want to see. They allow you to keep several things in your shopping cart while shopping. Cookies also allow advertisers to tailor messages to your preferences so that you’re more likely to see and click on ads that appeal to you.
In the United States, cookies are allowed to track your data without notifying you of their presence (except for California, which has its own consumer protection law). Lawmakers in Europe and some other countries have passed laws regarding tracking cookies that limit the data collected from users. The following countries require specific consent to collect user data:
- United Kingdom
Different Types of Cookies
There are two basic types of tracking cookies: first party and third party. First-party cookies are created by the website owner to improve their business. These cookies track users on the owner’s website to determine how the user found the website, the user’s location, and other information pertinent to making customers’ experiences better. Third-party cookies are necessary for certain apps to operate for the site visitor, such as live-chat boxes. Third-party cookies are trackers put on your computer by the ads on pages you visit, even if you don’t click on the ads. Several browsers now (or soon plan to) block such cookies due to the potential to misuse the information gathered.
Other types of cookies:
- Session cookies. These follow a user only when they are on the website, then disappear and are not permanently attached to the user’s browser. They are also known as non-persistent cookies.
- Authentication cookies. These are used on subscription sites, like news and dating. These track the user during their session to confirm that the user is who they claim to be.
- Tracking cookies. These stay active indefinitely and follow users each time they visit a site.
- Zombie cookies. These are recreated versions of deleted cookies that can be difficult to locate and completely remove.
Are Cookies Safe, and if Not, Why?
Cookies can be hijacked, called session hijacking, which means that a hacker re-routes the packet of information in a cookie for his own use. Often this allows the hijacker to open a session with the user’s information stored on the cookie. For instance, if your browser has a first-party cookie for interacting with your bank, the hijacker might be able to use that information to impersonate you on the bank’s website.
Most experts say that most first-party cookies are safe, but third-party cookies can be a reason for concern. These cookies continue to gather information about you across many websites. If this information is compromised, hackers have access to your personal data that should be protected. If unsecured, these cookies can also be stolen or manipulated by sophisticated hackers to introduce malware on your computer.
How to Delete Cookies and Protect Yourself
Most computer security experts suggest clearing temporary internet files periodically to prevent a buildup of tracking cookies. They specifically warn about “sketchy” websites that are likely to deposit several cookies on your browser, eventually slowing down browser activity.
Some claim that blocking all cookies detracts from the browsing experience and will eventually lead to more companies using paywalls to make their websites profitable.
Go to your browser’s Privacy and Security tools and click on “clear data” to delete cookies. Most sites are similar, allowing you to search for cookie settings and turn them off. Note that doing so will require you to log in to all of your protected web accounts with passwords.
A handful of browsers are popular because they block tracking cookies and protect more of your information. Some of the ways to limit or prohibit cookies include:
- Use the Duck Duck Go search engine.
- Google Chrome. Plans to reduce or prohibit third-party cookies on Chrome have been delayed significantly as Google works with clients to determine how to make the switch.
- Add a blocker like Ghostery, Privacy Badger, or uBlock Origin to Chrome.
- Brave is a new browser that promises more privacy by blocking third-party cookies by default but still allows users to interact with websites – anonymously.
- Mozilla Firefox blocks third-party cookies and crypto miners by default.
In an alarming example of misuse of personal data collected by websites, Facebook allowed a company called Cambridge Analytica to collect information on Facebook users before the 2016 presidential election in the U.S. Some of that data was collected in ways that violated Facebook’s policies. Still, Cambridge Analytica continued to use it to build profiles of users so they could create ads specifically targeted to them. The information accessed with permission from 270,000 users also gave permission to access information on their friends, which spread the impact to 87 million people.