Browser cookies are small files which act as a memory bank for websites accessed by a user. For example, Amazon remembers what you had in your shopping cart because it is communicating with the cookie it left in your browser. The cookie file itself is nothing more than a small .txt document. The site you’re visiting will identify any cookies it has stored in your browser and use them to custom-tailor your user experience.
If you have ever clicked “Remember me on this computer” on a website, you have requested a cookie from the server.
While cookies themselves cannot carry viruses or malicious code, harmful cookies have been used by hackers and identity thieves to help infect computers or harvest personal information.
From a digital forensics analysis standpoint, cookies are valuable because they let us find years of browsing activity on specific websites, including user names and passwords, pages visited and form content entered.
When someone deletes their browser history to cover their tracks, they often overlook the equally-incriminating cookies. Even when cookies have been deleted, digital detectives can frequently recover the lost information using advanced techniques such as file carving.
Back To Glossary