In a recent alert, the FBI warned that hackers are finding ways into email accounts, even if they’re protected by multifactor authentication (MFA). The attacks often start when users click on phishing links or visit suspicious websites that download malicious software to their computers.
The key method? “Cookie theft.” Unlike typical tracking cookies, these “session cookies” or “Remember Me” cookies store login details, so users don’t have to re-enter their credentials every time they visit a website. Hackers who steal these cookies can gain access to email accounts without needing usernames, passwords, or MFA codes.
According to Google, this type of cookie theft has become a prime target for attackers. “Remember Me” cookies, created when users check that option at login, can be stolen and used by cybercriminals to impersonate the user. This threat affects not only email accounts like Gmail, Outlook, Yahoo, and AOL but also shopping and financial platforms.
Here’s what you can do to protect yourself:
- Regularly clear cookies from your browser.
- Be cautious with the “Remember Me” option when logging into sites.
- Avoid clicking on suspicious links and only visit secure sites (HTTPS).
- Monitor your account’s recent login history to spot any unusual activity.
If you think you’ve been a victim of cybercrime, you can report it to the FBI’s Internet Crime Complaint Center at www.ic3.gov.
Leave a Reply