Information on cookies that you should know

Educational program for those who are connected with marketing or IT. We tell you what cookies are, how scammers use them, how to clear them, and much more.

Almost every site greets you with a warning that it uses cookies. Every user needs to know what these files store and how they are used.

What is a cookie – in simple terms

Cookies are small text files generated by websites. They contain information about visiting the site. These files are stored on the computer.

Cookies are needed to identify the user. When you return to the site, it will recognize you and adjust automatically. Registration forms will be filled out, and language and regional settings will be set. If you choose products on the site, new ones will be offered based on your preferences.

Here’s how it works. After you enter the address of the desired page in the browser, the browser looks for a cookie on the device for this site. If this file is found, it is sent to the resource server. The site receives it and starts using it. If the browser does not find the cookie, the site considers you a new visitor and asks permission to create files on the device.

It is unknown why these files are called cookies – “cookies” in English.

There is a theory that this references the Brothers Grimm fairy tale “Hansel and Gretel.” In it, children, to find their way home, marked the road with crumbs. This is similar to tracking user activity on the Internet using cookies.

According to another version, it all started in the late seventies with Unix programmers. A small packet of data that one program transmits to another, they designated the phrase magic cookie. The term was coined by analogy with fortune cookies – Chinese good luck cookies, in which you can find a magical prediction.

In 1994, programmer Lou Montulli created cookies while developing the Netscape Navigator browser. He first devised ​​using a text file to store information about online purchases on the user’s computer. This made it possible to create a virtual shopping cart. And he borrowed the name for this file from colleagues.

Cookies, cache, and autocomplete are different technologies. It is necessary to distinguish them.

A cache is a copy of heavy site data that the browser saves. It can be images, videos, or music. When you visit the site again, the browser will not request this data from the Internet but will take it from the cache. The site will load faster.

Autocomplete is a browser feature. It remembers data when you fill out forms on the site, such as your name, phone number, and email. And, if you need to fill out similar forms on another site, it offers ready-made options.

What information is stored in a cookie

The information stored in cookies can be almost anything. It depends on what the site you are visiting needs. Each site has its own set of cookies, but online stores collect and store the most information. Let’s look at the basic data:

• Individual settings. It can be language, city, page scale, or currency. Cookies save you from reconfiguring the site each time you log in.
• Authorization data. If the site provides a personal account, cookies store the username and password.
• Personal data. Sites can store phone numbers, passport data, addresses, and payment data. All so you do not enter the same thing whenever shopping or ordering services.
• Information about the device from which you accessed the site. Site owners need this information to optimize the performance of their resources. The session time on the site, device model, and browser version are saved.
• Transitions and clicks. When you visit the site, you are assigned an identifier stored in cookies. It can track your movement around the site or clicks on banner ads. This information is needed to make websites more user-friendly.

Where cookies are stored

Cookies are stored on the computer’s hard drive in the browser folder. You can open them with Notepad and read them, but you won’t be able to set cookies in the folder. Therefore, it is optional to know the exact path to them.

Cookies can be managed directly in the browser by clearing or deactivating them. We’ll show you how to find these settings in the most popular browsers.

In the Google Chrome browser: “Settings” → “Privacy and security” → “Cookies and other site data”.

In “Yandex Browser”: “Settings” → “Sites” → “Advanced site settings” → “Cookies”.

In the Opera browser: “Settings” → “Privacy and security” → “Cookies and other site data”.

In the Mozilla Firefox browser: “Settings” → “Privacy and security” → “Cookies and site data”.

In the Microsoft Edge browser: “Settings” → “Cookies and site permissions”.

In the Apple Safari browser: Safari → “Preferences” → “Cookies and website data”.

Types of cookies

Temporary. These cookies are only used when you use the site. For example, they might contain order form entries or page views. These files are deleted after the browser window is closed.

Permanent. These cookies are stored for a long period. The site owner sets the term, but usually, it is a year. Such files store passwords, logins, phone numbers, addresses, and payment details. Advertising services may also use them to obtain information about your online behavior and learn your preferences.

Third-party. These cookies do not belong to the site but to third parties. Most often, these are advertising companies whose banners are placed on the resource. They record conversions and study your preferences to understand which ads to show you. Also, these cookies use analytics services like Yandex Metrics and Google Analytics to collect data.

Why cookies are dangerous

Some believe that cookies can carry viruses and affect the amount of advertising. This doesn’t seem right.

Cookies do not carry viruses. For a virus to work, it must be in a program that can start the process. Cookies are written in the static TXT format. For the same reason, cookies by themselves cannot steal your data.

Also, cookies do not affect the number of ads shown to you. Its relevance depends on them, and the site owners are engaged in distribution.

However, attackers can intercept cookies and exploit the information they store. There are several ways to steal:

• Session hack. Hackers can intercept traffic and extract private data if you do not use an encrypted HTTPS connection.
• Cookie substitution. Cookies must be stored and sent back to the server unchanged. But attackers can modify the cookie before it is sent.
• Cross-site cookies. In this case, the hackers attack the browser itself, and instead of the cookies of one site, the cookies of another are stored. This is how scammers gain access to your session ID on the site.
• Cookie theft. Special programs can steal your login and password cookies. This will allow attackers to get into your account.

The consequences of stealing cookies can be:

• leakage of passport data, information about bank cards, and other personal information;
• fraud using your data;
• Aggressive advertising of products that you were previously interested in;
• gaining access to your computer to install malware;
• Spam on social media and email.

How to protect yourself

Most cookie theft occurs through the site owners’ or users’ fault. You cannot influence site owners, but you can protect yourself.

The main recommendation is not to visit dubious sites. These sites can be fraudulent, similar to banking or social media sites, without HTTPS, with many advertising banners.

Download programs and plug-ins from your browser’s official websites or app stores. When you visit a company’s website, check the domain in the address bar.

Life hack: if you need to go to a site you do not trust, turn on incognito mode and do not leave personal data on the site. So all cookies will be automatically deleted after the session ends.

Also, keep your connection secure. Update your browser promptly, use an antivirus on your computer, and do not enter personal data if you use free Wi-Fi.

Legal regulation: how sites should work with cookies

Roskomnadzor classifies cookies as personal data. They also fall under this definition under No. 152-FZ “On Personal Data,” but the law does not explicitly mention them.

Roskomnadzor recommends working with cookies in the same way as with any other personal data. Site owners should:

• Post a privacy policy – a document that describes what information the site collects, how it processes and stores it, and whether it transfers it to someone or not;
• Notify users of the collection of information – a simple notification in the form of a pop-up window will suffice.

In the future, the regulation of the industry will change, and new rules will be introduced for cookies.

When to clear cookies

Cookies are cleared for various reasons. For example, if:

• Several people use the computer. Clearing cookies will prevent someone else from using your username and password.
• The hard drive of the computer is clogged. Deleting cookies will free up additional space, and this will increase the performance of your device.
• The website needs to be fixed. Removing the cookie may restore its functionality.
• Your browser is slow. Clearing cookies will make it work faster.
• Are you tired of ads? Clearing and disabling cookies will give you more privacy on the web.

How to clear and disable cookies

You can disable cookies in your browser settings – we analyzed where they are located above. But completely disabling cookies can make your browsing experience less convenient. You must customize the site or manually enter data into forms each time.

In most cases, cleaning the files is enough. To do this, you can use special programs. The most popular is CCleaner and Privazer. You can also clear cookies in your browser. If you use multiple browsers, please remember that each saves its cookies. Therefore, you need to configure them separately.

Let’s learn how to clear cookies in different browsers.

Google Chrome: “Customize and manage Google Chrome” (three dots) → “History” → “Clear history”. Select a time range and check the “Cookies and other site data” box. Click “Delete Data”.

“Yandex Browser”: Settings “Yandex Browser” (three horizontal bars) → “History” → “Clear history”. Select a time range and check the “Cookies and other site and module data” checkbox. Click Clear.

Opera: In the sidebar, click History tab (watch) → Clear browsing history. Select a time range and check the “Cookies and other site data” box. Click “Delete Data”.

Mozilla Firefox: open the application menu (three horizontal bars) → “History” → “Delete History”. Select a time range and check the box next to “Cookies”. Click OK.

Microsoft Edge: “Settings and more” (three dots) → “Settings” → “Privacy, search and services” → “Delete web browsing data” → “Select items to remove.” Select a time range and check the “Cookies and other site data” box. Click Remove Now.

Apple Safari: Safari → Preferences → Privacy → Manage Website Data → Remove Everything.

In all browsers, the changes do not take effect immediately. After deleting cookies, you need to restart your browser.

Essential about cookies in six paragraphs

• Cookies are small text files a site saves on the user’s computer using a browser. These files contain information about visiting the site.
• Cookies are stored on the computer’s hard drive. The browser interface allows you to manage these files, so you do not need to know the exact path to them.
• Cookies are temporary, permanent, and third-party. Temporary ones are deleted after the browser is closed, permanent ones are usually stored for a year, and third-party ones do not belong to the site but to someone else.
• Cookies do not carry viruses and do not affect the amount of advertising. However, attackers can intercept cookies and exploit the information they store.
• To protect yourself, you need to follow several rules. For example, do not visit suspicious sites, use only official software, and update your browser promptly.
• You need to clear cookies if the site does not work correctly or the hard drive is full. This can be done using special software or in the browser settings.