November 12, 2024

Cybercriminals are stealing cookies to bypass multifactor authentication

Jenna Sellitto, a Public Affairs Specialist with the Federal Bureau of Investigation [FBI], Atlanta Division, has advised the public that cybercriminals are gaining access to victims' email accounts by stealing a "cookie" from the victim's computer.

A “cookie” is a small piece of data that a website sends to the computer so that the website can remember information about its encounter with that computer, such as login details, preferences, or items in a shopping cart. The kind at issue here is typically referred to as a “Remember-Me cookie”.

“Remember-Me cookies” are tied specifically to a user’s login and often last for 30 days before expiring. This type of cookie lets a user log in without re-entering the username, password, or multifactor authentication (MFA) code each time. It is usually generated when the user ticks the “Remember this device” checkbox while logging in to a website.

If a cybercriminal obtains the Remember-Me cookie from a user’s recent login to web email, it can be used to sign in as that user without the username, password, or MFA. Because the website trusts the cookie itself, it cannot tell the stolen copy from the original. For this reason, cybercriminals increasingly focus on stealing Remember-Me cookies and use them as their preferred way of accessing a victim’s email. Victims unknowingly hand over their cookies when they visit suspicious websites or click on phishing links that download malicious software onto their computer.
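The following is an added example, not code from the FBI advisory or from any real email provider, showing why a copied Remember-Me cookie works from an attacker's machine and what a hardened server-side check looks like. Everything in it is assumed for illustration: the `SIGNING_KEY` placeholder, the in-memory `_issued` table standing in for the server's token store, the `alice` account, the sample IP addresses and User-Agent strings, and the choice to bind a token to a hash of User-Agent plus client IP as a coarse device fingerprint.

```python
import hashlib
import hmac
import secrets

# Constructed example. Placeholder server-side signing key, not a real secret.
SIGNING_KEY = b"example-signing-key-change-me"
REMEMBER_ME_TTL = 30 * 24 * 3600  # 30 days, the lifetime the advisory mentions

# Stands in for the server's table of issued remember-me tokens.
# token_id -> {"user": ..., "device": ..., "expires": ...}
_issued = {}


def _device_fingerprint(user_agent, client_ip):
    """Coarse device binding: hash of User-Agent and client IP (an assumption
    made for this example; real services use richer and softer signals)."""
    return hashlib.sha256(f"{user_agent}|{client_ip}".encode()).hexdigest()


def issue_remember_me(user, user_agent, client_ip, now):
    """Mint a cookie value after a full login (password + MFA).

    Cookie format: <token_id>.<hmac>, so the server can look the token up
    and reject forged values without a database hit.
    """
    token_id = secrets.token_hex(16)
    tag = hmac.new(SIGNING_KEY, token_id.encode(), hashlib.sha256).hexdigest()
    _issued[token_id] = {
        "user": user,
        "device": _device_fingerprint(user_agent, client_ip),
        "expires": now + REMEMBER_ME_TTL,
    }
    return f"{token_id}.{tag}"


def _lookup(cookie, now):
    """Return the token record if the cookie is genuine and unexpired."""
    try:
        token_id, tag = cookie.split(".", 1)
    except ValueError:
        return None
    expected = hmac.new(SIGNING_KEY, token_id.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None
    rec = _issued.get(token_id)
    if rec is None or now > rec["expires"]:
        return None
    return rec


def login_unbound(cookie, user_agent, client_ip, now):
    """Weak check: any holder of a valid cookie is logged in and MFA is skipped.

    This is the behaviour the advisory describes: a stolen copy of the
    cookie works from the attacker's machine exactly as it does from the
    victim's, because only the cookie itself is checked.
    """
    rec = _lookup(cookie, now)
    return rec["user"] if rec else None


def login_bound(cookie, user_agent, client_ip, now):
    """Hardened check: the cookie must come from the device it was issued to.

    A replay from another device is refused, the token is revoked so the
    victim has to log in again with password + MFA, and a reason string is
    returned so the event can be logged and reviewed.
    """
    rec = _lookup(cookie, now)
    if rec is None:
        return None, "invalid_or_expired"
    if rec["device"] != _device_fingerprint(user_agent, client_ip):
        _issued.pop(cookie.split(".", 1)[0], None)
        return None, "replay_from_new_device"
    return rec["user"], "ok"


def demo():
    """Victim logs in and ticks 'Remember this device'; an infostealer copies
    the cookie; the attacker replays it a day later from another machine."""
    now = 1_700_000_000  # fixed clock so the example is deterministic
    cookie = issue_remember_me("alice", "Mozilla/5.0 (Windows NT 10.0)",
                               "198.51.100.7", now)
    attacker_ua, attacker_ip = "Mozilla/5.0 (X11; Linux x86_64)", "203.0.113.42"
    later = now + 86_400
    weak = login_unbound(cookie, attacker_ua, attacker_ip, later)      # "alice"
    strong = login_bound(cookie, attacker_ua, attacker_ip, later)      # refused
    return weak, strong


if __name__ == "__main__":
    print(demo())
```

The binding is deliberately coarse: the User-Agent is attacker-controlled, and the IP of a legitimate user changes on mobile networks, so a real deployment treats a mismatch as a signal to re-challenge with MFA and alert rather than as proof of theft. The durable defences the example relies on are the ones the advisory's tips point at: a short expiry, revocation on suspicious use, and login history that the account owner can review.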

Here are some tips to reduce this risk:

            Regularly clear the cookies from the computer's Internet browser.

            Recognize the risks of ticking the “Remember Me” checkbox when logging in to a website.

            Do not click on suspicious links or websites.

            Only visit sites with a secure connection (HTTPS) to protect the computer's data from being intercepted in transit.

            Periodically review the account's login history for sign-ins from unfamiliar devices or locations.

Ms. Sellitto suggested that anyone who has been the victim of an account takeover or Internet scam file a complaint with the FBI Internet Crime Complaint Center [IC3] at www.ic3.gov.