computer_cookies_what_are_they

HTTP cookies, web cookies, internet cookies, browser cookies: What are computer cookies?

They don’t involve raisins or chocolate chips, but they are bite-sized: the computer version of cookies might not be as tempting as the IRL version, but can certainly come in handy. Essentially, computer cookies are small slices of information that enable convenient and personalised web browsing. These small packets of data are generated by a web server and sent to a web browser that stores the cookies for a predetermined period of time. 

What are computer cookies used for?

Generally, cookies are there for web-browsing benefits (although they do also free up storage space on servers). They are used for:

  • Session management to ‘remember’ individual login information and user actions or preferences.
  • Personalisation to customise a user’s experience, often through targeted advertising.
  • Tracking within shopping sites to track items that users view (or have viewed previously) and to record items in a shopping cart while a user browses further. Without these cookies, every time you visited a new page within a site, your shopping cart would revert to ‘empty’.

Different types of HTTP cookies 

Get to know your main two types of cyber-world cookies:

Session Cookies

These computer cookies are short-lived. They last just for the period of time that you are navigating a website – once you exit a site, the session cookie is deleted. These particular cookies are only ever stored in Random Access Memory, never written to the hard drive.

Persistent Cookies

Rather than expiring when a website is exited or a browser closed, longer-lasting cookies – or persistent cookies – expire only after a specified length of time or after a specified date. These cookies are used for two main purposes – authentication and tracking.

  • Authentication cookies help manage user sessions by tracking when a user logs in and under what name. They can also ensure that the correct user information is delivered to the correct user.
  • Tracking cookies log multiple visits to a site over time – building up a picture of a user based on what they browse when they return to a site. This information can be used for targeted advertising, but can also help users by retaining details such as log-in credentials.

Managing your computer cookies (and any cookie concerns)

Computer cookies consist of information that is sent out and back without being changed. This unaltered data cannot infect your computer with viruses or malware. Unfortunately, some internet nasties may be disguised as cookies (known as ‘super cookies’ – which many browsers will be able to block). Some cyberattacks can hijack cookies, enabling access to a user’s browsing sessions.

Cookies are an optional part of your internet experience. However, banning all cookies may make some websites difficult to navigate. Different browsers store their cookies in different places, but all will allow you to remove cookies already stored. Plus, allow you to choose how future cookies are collected or stored. (Generally, the cookie section of a browser is found under Settings > Privacy.)

Choose Geelong’s IT experts for your internet security

Regardless of how you manage and govern cookies, it’s best to remain vigilant and clean up your cookies regularly. If you are concerned about your online security when it comes utilising cookies, or if you’re not 100% confident regarding the online security of your business, Geelong Technology Group is here to help.

With our extensive experience and comprehensive cybersecurity solutions, we can assess your current situation and recommend actions to ensure your business is safeguarded against cyber threats in the future, so get in contact today. 

1300 GET GTG (1300 438 484)

📍 166 Francis Street, Belmont

smishing

What is smishing? SMS phishing attacks and protection tips

When it comes to cybercrime, there’s always something new on the horizon, hoping to catch us unawares. One of the latest is ‘smishing’ or SMS phishing. It’s fast becoming an ever-increasing problem for both individuals and businesses.

 

Definition of smishing

SMS phishing is essentially a form of phishing attack undertaken through text or SMS messages. The messages often contain an urgent notification regarding banking or courier services or an offer for a free product. They aim to manipulate people into turning over sensitive data such as bank account details, credit card numbers, account passwords, or access to a business’ computer systems.

 

How does smishing work?

Smishing works much like email phishing. It uses social-engineering tactics to appeal to our desire to have things work smoothly (Oh no! There’s a problem with my bank account!), to help others (A message from a bushfire relief charity? Sure, I’ll help out!) or to help ourselves (Eighty percent off a new phone? Heck, yeah!). Unfortunately, because text messages seem more personal,  we may be more likely to click a link in an SMS than we would nowadays in an email.

Utilising trust (scammers pose as legitimate organisations), context (lots of people are expecting packages around Christmas, for instance), and emotion (we must act now!), cybercriminals write messages that will generate action. In this case, the clicking of a link within the text message. This malicious link may either trick you into downloading malware onto your phone that then masquerades as a legitimate app (into which you enter your personal details) or takes you to a fake site, again requesting your sensitive data. These apps and websites are often well disguised and look ‘legitimate’, tricking the unwary.

 

How can we avoid smishing attacks?

As more and more mobile phones are used for work, SMS phishing has become not only a consumer threat, but also a business threat. Avoiding smishing attacks is paramount. But how do we do this? First, we need to lose any false confidence we have in text message safety – smartphone security DOES have its limitations, and CAN be compromised. 

So, the best way to remain safe? Follow the golden rule and do nothing. That is, always err on the side of caution and don’t click on links in text messages.

Of course, sometimes we may have clicked a link in a hurry or in error, and some messages may include legitimate links, so how can we manage the risk?

  • If you have clicked on a link that you now believe may be suspect, DO NOT give any personal details.
  • If you believe it may be a legitimate message, but you’re not sure, navigate to the official business webpage via a separate browser or call the company using a number that you look up independently of the text message. (And remember, legitimate institutions are extremely unlikely to request login information or account updates via SMS.)
  • Don’t reply to messages that look suspect, even to text ‘Stop’ – this will indicate your number is active and may prompt further smishing attempts.
  • Only ever download apps from an official app store.
  • Utilise multi-factor authentication (MFA) wherever possible. A password inadvertently provided via a phishing attempt may still be useless to a cybercriminal if the second level of verification/authentication is required.
  • Report possible smishing attempts to the ACCC Scamwatch.

 

Need more information?

At Geelong Technology Group, our experienced IT professionals are here to help you avoid smishing messages, phishing emails, and other cyber-related scams or attacks. Helping homes and businesses in Geelong, the Bellarine Peninsula, the Surf Coast, and surrounding regions with their online security is what we love to do, so give us a call today on 1300 GET GTG (1300 438 484) or drop into our showroom at 166 Francis Street, Belmont.