Should I Accept Cookies From Strangers? Yes and No

Anyone who spends any time the internet has gotten the message when opening a link to a website: “This website uses cookies. Accept Cookies? YES. NO.” Most of the time, it is safe to accept cookies. To understand the risks associated with accepting cookies, you must first ask the question: “What does it mean when a website uses cookies, and what are their legitimate uses?”

What Does It Mean When a Website Uses Cookies?

Cookies are small text files holding simple information related to your website visit. Cookies are used for:

• Personalizing Content – Recording what items or pages you’ve viewed, so the site can personalize content and ads to target your interests
• Tracking – Marking what items you’ve looked at and what you’ve placed in the shopping cart while you shop so the site can suggest other items that might be of interest
• Managing Your Sessions – Recognizing visitor identity, login information and site preferences

Those above are the most common uses of cookies, which further break down into two main types: “session cookies” and “persistent cookies.”

• Session Cookies – stored locally on your computer’s RAM they are deleted when the session ends
• Persistent Cookies – stored on your computer indefinitely (unless they have an expiration date), they allow the website to authenticate visitors via passwords, etc., and track visitors over multiple visits, including pages viewed, purchase, videos, etc., to create a profile of the user

Q: Why do websites ask you to accept cookies?

A: They ask because they have to comply with privacy regulations like the General Data Protection Regulation (GDPR), which require sites to inform users about data collection and obtain consent before storing non-essential cookies.

Should I Accept Cookies or Not?

Blocking cookies is possible, although doing so reduce a site’s functionality. The good news is that most websites use cookies for pretty mundane purposes with no ill-intent, such as counting visitors and processing orders efficiently. However, it is not difficult to imagine how cybercriminals can highjack cookies and access a lot of personal and private information. Just think of all the times you’ve filled out an order form with name, address and phone numbers as well as financial information, such as credit card numbers and security codes. So, should I accept cookies, or should I be blocking cookies? The answer to both questions is: sometimes.

Q: What are the risks of accepting all cookies automatically?

A: Automatically accepting all cookies can expose you to extensive tracking, targeted advertising and even potential misuse of your personal data. Some cookies may store sensitive information, and if not handled securely, that data could be accessed by malicious actors. Moreover, extensive tracking can feel invasive and contribute to a loss of digital privacy, as companies may collect more data than you're comfortable with.

Which Are the Bad Cookies? Should I Start Blocking Cookies?

These are the most common cookies to avoid:

• Third-Party Cookies – If a pop-up mentions third-party cookies, do not accept. Doing so gives the site permission to sell any data about you it captures. Over time, your private data proliferates on so many websites that cybercriminals can create a detailed profile of you
• When You Are Giving Private Information – If you aren’t sure about the security or legitimacy of a website and you might have to give private data, do not accept cookies. If you accept cookies and have second thoughts, go to your browser settings immediately and clear your cookies
• When You Are on an Unencrypted or an Unprofessional-Looking Website – If it’s not a secure (HTTPS) website and something doesn’t look right, trust your instincts

As a general rule, think before you click. It’s a practice that applies in most cyber security issues. Choosing not to “accept cookies” will, at worst, force you to fill in login and other information every time you visit a site. By taking more time, you might gain peace of mind. If you are on a trusted site that you’ve used many times, it’s very likely safe to accept cookies. If you frequent a site and accept cookies when you do, you will have a more targeted and efficient experience, but keep in mind that the site is accumulating information about you every time you visit.

How Can I Limit My Exposure to Cookies?

• Try a Browser with More Private Browsing Options – Private browsing and incognito browsing afford a degree of protection. There are browsers, albeit slower ones, that also make privacy a primary feature
• Use a Virtual Private Network (VPN) – A VPN cloaks your browsing by creating a network within the network. Only the most determined and proficient cybercriminals will be able to breach your VPN
• Get a Cyber Risk Analysis –A cyber risk analysis by professional cyber security experts can determine your network vulnerabilities and offer advice if additional security layers are required

Q: What’s the best practice for managing cookies while browsing?

A: The best practice is to customize your cookie preferences whenever possible. When prompted, take a moment to review the cookie settings and disable non-essential cookies, particularly marketing or tracking cookies. You can also adjust your browser settings to block third-party cookies or use privacy-focused browsers and extensions that limit tracking. This balanced approach helps protect your privacy without severely impacting your browsing experience.

How Can You Prevent Cookies from Becoming Cyber Security Risks?

What does it mean when a website uses cookies? Now you know, but you still have to decide should I accept cookies? The truth is that sometimes you won’t have a choice. Many websites won’t function if you don’t, but you should take steps to limit cookies. Use private browsing, occasionally clean out the cookies in your browser settings and consider a VPN. If you’ve already accepted cookies and shared your data with unknown entities, you should take steps to reduce your exposure.

You might be using some protective measures already, but as your business grows, your network vulnerabilities grow, too. IT security firms work with SMBs to establish cyber security best practices to make sure their confidential data is protected. Many companies are bound by strict compliance and privacy laws, such as law firms, medical practices and financial service institutions. They must avoid data breaches of any kind.

For any business, cyberattacks can have devastating consequences. Reach out to us if you are in the New York City area, or to a local cyber security provider to assess your risks and help ensure you have the best data protection for your business.