Remote working has increased our reliance on cloud and web services. These services often have access to our personal and business-sensitive information. The pass-the-cookie attack is a method cybercriminals use to gain unauthorized access to these services.


Download and share the infographic for free with employees.

How does the attack work?

  1. A ‘session’ cookie is generated in the browser when the user logs into a web service.
  2. This ‘session’ cookie enables the user to access logged-in services without needing to authenticate frequently.
  3. Cybercriminals can steal these cookies using specially designed malware or a phishing attack.
  4. They then inject the cookies into their own browser session, which gives them access to the victim’s web services.

We recommend the following to stay safe

  • Enable client certificates stored in the user profiles on users’ systems.
  • Implement dynamic tokens, which change at regular intervals.
  • Add further identifying criteria such as source IP address for login.
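
The last two recommendations can be enforced on the server side, as in the following added example (not part of the original page): the session token is replaced at a regular interval, and a cookie presented from a different source IP than the one used at login is rejected and revoked. The names `SessionStore` and `ROTATE_AFTER`, the 300-second interval and the sample addresses are assumptions made for illustration.

```python
import secrets
import time

ROTATE_AFTER = 300  # seconds between token rotations (assumed value)


class SessionStore:
    """Server-side sessions bound to the login source IP, with rotating tokens."""

    def __init__(self, clock=time.time):
        self._sessions = {}   # token -> {"user", "ip", "issued"}
        self._clock = clock   # injectable so rotation can be tested

    def login(self, user, source_ip):
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": user, "ip": source_ip,
                                 "issued": self._clock()}
        return token

    def validate(self, token, source_ip):
        """Return (user, cookie_to_set), or (None, None) if rejected."""
        rec = self._sessions.get(token)
        if rec is None:
            return None, None            # unknown, rotated-out or revoked token
        if rec["ip"] != source_ip:
            del self._sessions[token]    # replay from another address: revoke
            return None, None
        if self._clock() - rec["issued"] >= ROTATE_AFTER:
            del self._sessions[token]    # retire the old value
            return rec["user"], self.login(rec["user"], source_ip)
        return rec["user"], token


if __name__ == "__main__":
    # Constructed sample addresses from the documentation ranges.
    store = SessionStore()
    cookie = store.login("alice", "203.0.113.10")
    print("same IP:     ", store.validate(cookie, "203.0.113.10")[0])
    print("different IP:", store.validate(cookie, "198.51.100.7")[0])
    print("after revoke:", store.validate(cookie, "203.0.113.10")[0])
```

Source IP binding also ends the sessions of legitimate users whose address changes (mobile networks, VPN switches), so the mismatch branch should lead to a re-authentication prompt rather than a silent failure.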