namech

Last Updated on January 9, 2022

What Are Internet Cookies?

You hear the words internet cookies so often, and you likely have a general idea of what they are and how they work – but it never hurts to dig a little deeper and find out how to get rid of them.

Go to:

The short of it is – an internet cookie is one or more pieces of information stored as text strings on your device. 

They exist so that your internet browser can track, personalize, and save your data after each session and recognize you and your device in the future.

Internet cookies also identify you when you visit websites that use cookies to enhance your browsing experience.

For example, if you’re in the middle of a shopping spree on an e-commerce site but get interrupted before checking out, the cookies will store your information, including what’s already in your shopping cart. Then, when you go back to that site, it will read the cookie, remember you (you don’t need to fill in certain bits of information), and what is still in your cart (enhances user experience).

Web pages use Internet cookies to store your information one text string at a time using your web browser. But how do they work? The most common use of an Internet cookie is when an e-commerce website stores a user ID. Session cookies and persistent cookies are the two primary types used by sites like Amazon.

Example – ID = 12345678

Amazon uses cookies like this every time someone makes an order. 

For example, you order a book, fill out the form with your contact info, and then Amazon assigns you an ID number. 

They then store that information from your browsing session in its database and send your unique ID to your Internet browser as an Internet cookie. 

Your web browser then stores that number on your hard disk. 

When you revisit Amazon, your ID is sent back to their server. 

The server then takes that ID and your information to customize the website sent back to you to enhance your user experience.

First-party cookies

First-party cookies are directly stored by the web page or domain when you visit. First-party Internet cookies allow websites to collect data, remember settings, and other functions that provide people with a quality and unique user experience.

Websites can’t typically use first-party cookies to track you from one site to another. Instead, they store information like your sign-in and language settings for just that domain.

E-commerce sites like Amazon use first-party cookies. Your web browser saves the information to your computer. It’s saved under the ‘amazon.com’ domain. When you disable first-party cookies, you have to sign in for every browsing session.

note

How to remove first-party cookies:

When you remove first-person cookies, your web browser will sign you out of all websites and delete your saved preferences. They are easy to remove.

  1. Open Chrome on your device
  2. Top right click More.
  3. Go to Settings
  4. Click Cookies and Other Site Data under Privacy and Security
  5. Go to See All Cookies and Site Data
  6. Click Remove All
  7. Click Clear All to confirm

Session cookies

A session cookie can’t be sent to any machine other than the one that generated the specific Internet cookie. 

Web browsers typically delete session cookies after you close them. A session cookie doesn’t have an expiration date assigned to it.

E-commerce web pages typically use session cookies to save your shopping cart. When you log in from the same device, session cookies from your web browser will remember the items in your cart.

note

How to remove session cookies:

If it makes you more comfortable, you can easily delete session cookies.

  1. Open Chrome on your device
  2. Click Settings
  3. Go to Privacy settings
  4. Click Content Settings
  5. Go to the Cookies section
  6. Click All Cookies and Site Data
  7. Click Remove All

Persistent cookies

Persistent cookies are stored on your device to help remember settings, info, preferences, and sign-on credentials that you were previously permitted to save. It is meant to create a convenient and quick website user experience. Persistent cookies have an expiration date issued to them by the web server and are destroyed after they expire. The expiration date can be a day, or it can be a year. 

One of the most common persistent cookies is a Google Analytics cookie. It remembers what you’ve done on previous web pages and keeps up with interactions with the website.

Persistent cookies delete themselves when they hit their expiration date. Or, you can remove them manually.

note

How to remove persistent cookies:

  1. Open Chrome on your device
  2. Top right click More.
  3. Go to Settings
  4. Click Cookies and Other Site Data under Privacy and Security
  5. Go to See All Cookies and Site Data
  6. Click Remove All
  7. Click Clear All to confirm

Browser cookies

A browser cookie, or HTTP cookie, is a string of data or code that your web browser stores when you visit a web page. The short snippet of data contains a wide variety of important information about you.

A web browser uses cookies to track, personalize, and save information during every session. Their web server will send your identifying information to your web browser when you return. E-commerce sites are the most significant users of browser cookies. However, overall personalization is one of the goals, too.

note

How to remove browser cookies:

You can delete browser cookies the same way you clear first-party cookies.

  1. Open Chrome on your device
  2. Top right click More.
  3. Go to Settings
  4. Click Cookies and Other Site Data under Privacy and Security
  5. Go to See All Cookies and Site Data
  6. Click Remove All
  7. Click Clear All to confirm

Zombie cookies

Zombie cookies give web page tracking companies the power to retrieve information so that they can continue to track your online activity.

Zombie cookies have one primary purpose. It is to store your personal info for online marketing activities. The data is not stored on your computer. Zombie cookies are not really cookies at all.

The information that Zombie cookies can hold is endless. And, if you do try to delete them, they will revive themselves. Hence their name, Zombie. The law is catching up with the invasions to user privacy and the malicious use of private information. 

California has become the first state to make Zombie cookies illegal and hold the invaders accountable by making them subject to class action lawsuits.

Social media cookies

You’ve experienced social media cookies, even if you never used them. They are cookies that connect a web page to a third-party social media platform. 

For example, if you’ve recently created a new account on any site, you’ve likely run across the option to log in through your Google or Facebook accounts. Many social media cookies are set up through plugins, widgets, and the share button.

Social media cookies contain all the information your social media platforms have access to. It’s safer to create original logins for all websites than to use your social media cookies to link them all. 

When you use a social media widget or share button, they are getting way more of your information than if you just created a new account from scratch.

note

How to remove social media cookies:

  1. Open Chrome
  2. Click Settings (three dots in the top right corner)
  3. Click Advanced at the bottom of the page
  4. Click Clear Browsing Data
  5. Choose the internet cookies you want to delete
  6. Click Clear Data

Pop-ups

The pop-up refers to the actual banner that comes up on your screen to inform you that the web page uses cookies, and they pretend to ask for your permission. The truth is that most sites use cookies to do their job before ever obtaining consent.

Government regulation is catching up with the invasive nature of pop-ups. The European Union (EU) has taken the first steps towards protecting user data. The General Data Protection Regulation (GDPR) is considered the most robust data privacy and security law globally.

Pop-up cookies collect the same information as other cookies do. Your habits, your zip code, and additional information they find useful for marketing purposes. Pop-up cookies are used for nefarious purposes, too. Always be aware of what and who you’re giving cookie consent to.

note

How to remove pop-ups:

You can turn off cookies and block pop-ups. It sure helps reduce the risk of giving content to a bad actor.

  1. Open Chrome
  2. Click Settings
  3. Click Privacy and Security
  4. Click Site Settings
  5. Go to Content
  6. Click Cookies and Site Data
  7. Select Block Third-party Cookies

Magic cookies

Magic cookies aren’t magic. They contain tiny information bits that travel from your web browser to a web server. The name Magic Cookie is derived from a fortune cookie because a magic cookie has an embedded message. 

A magic cookie is a token used to track, authenticate, and inform a client in a system about the presence of a server. It might be an identification token or a password that activates a specific function. They don’t contain readable data, just path info. 

 It is referred to as a magic cookie because the data is only known to the software, not the user.

note

How to remove magic cookies

  1. Open Chrome
  2. Click More (top right)
  3. Click More Tools
  4. Click Clear Browsing Data
  5. Check two boxes – Cookies and Other Site Data & Cached Images and Files
  6. Click Clear Data

The first thing you should know is that you can’t get a virus from a cookie. Internet cookies are tiny text files and aren’t set to execute anything. However, they still can present a huge security risk and invade your online privacy.

The most prominent example is that cookies can get hacked. If a cookie is hijacked, the bad actor could impersonate you and gain unauthorized access to your data.

Cross-site request forgery

Cookies don’t distinguish if requests come from the actual user of the website or someone else. It is called cookie neutrality and is easy to take advantage of. Hackers use your legitimate cookies to set up a malicious attack when you visit another site. 

update

Example of cross-site request forgery (CSRF):

  • Attacker forges a request for the transfer funds to a website
  • The attacker embeds the request in a hyperlink.
  • The attacker sends that hyperlink to people visiting that website.
  • The visitor clicks on the hyperlink, which then sends the request to the website.
  • The website validates that request and traders to the funds from the visitor’s account to the attacker’s.

Session fixation

When you visit a web page that requires login information, your computer will store your browsing session cookies for as long as your web browser is open. It makes everything from e-commerce to reading newspapers easier. However, it can leave an opening for a hacker to steal your session ID.

The purpose is to misuse that particulate session for malicious activity and personal gain. When a session fixation happens, the bad actor already has access to your session. Therefore, it is best to make it a habit to log out of websites, even if you think they automatically log you out.

Cookie tossing

The most common type of cookie online security issue is known as cookie tossing. Some websites use unsecured cookies that don’t have a path or domain name. If there is more than one cookie, your web browser will randomly pick one to use. Hackers are using this to steal personal data like credit card information.

An attacker creates a fake domain cookie that looks like a legitimate website and then sends it to the user. When you visit the website, the server has to choose which cookie to use. It has two options, and sometimes it chooses the fake cookie and allows the bad actor to take over the session and access your account.

Blocking internet cookies gets tricky because cookies are sometimes helpful. However, you can disable them.

tip
  1. Open Chrome
  2. Go to More (top right)
  3. Click Settings
  4. Click Privacy And Security
  5. Go to Cookies and Other Site Data
  6. From here, you can select several options – Allow All Cookies, Block All Cookies (not recommended), Block Third-Party Cookies in Incognito, or Block Third-Party Cookies

Also, it is helpful to understand that a VPN doesn’t hide your web browser search history. Nor does it prevent your web browser from logging the session. You can manually delete your search history from your browser or turn on private browsing.

note

Internet explorer

  1. Open Internet Explorer
  2. Click Settings
  3. Click Internet Options
  4. Go to General
  5. Go to Browsing History
  6. Click Delete
  7. Click Temporary Internet Files, Website Files, and Cookies and Website Data
  8. Click Delete
tip

Safari

  1. Open Safari
  2. Go to Settings
  3. Click Clear History and Website Data
note

Google Chrome

  1. Open Chrome on your device
  2. Top right click More.
  3. Go to Settings
  4. Click Cookies and Other Site Data under Privacy and Security
  5. Go to See All Cookies and Site Data
  6. Click Remove All
  7. Click Clear All to confirm
tip

Firefox

  1. Open Firefox
  2. Go to the Menu Bar
  3. Click Privacy and Security
  4. Go to Cookies and Site Data
  5. Click Clear Data
  6. Click Clear to confirm
note

iPhone

  1. Open Safari
  2. Go to Settings
  3. Click Clear History and Website Data
tip

Hard drive

  1. Type run in your desktop search bar
  2. Click run in the search results
  3. Type “regedit” in the Run search box
  4. Click OK
  5. Right-click on every entry you want to delete
  6. Click Delete
  7. Click Yes to confirm
note

Mac

  1. Open Safari
  2. Go to Menu
  3. Click Preferences
  4. Click the Privacy tab
  5. Click Remove All Website Data
  6. Click Remove Now in the pop-up to confirm
shape

CHK_ YOUR NAME RIGHT NOW

Use our engine to quickly check your content right now!