The FBI has issued a warning that cybercriminals are now able to access email accounts, even when they’re secured with multifactor authentication (MFA).
Exploit Cookie Theft
The attacks exploit cookie theft, specifically targeting “remember me” session cookies, to bypass traditional login safeguards.
The threat begins when users are lured into visiting malicious websites or clicking on phishing links, which download malware onto their computers, according to Trend.
Once a computer is infected, hackers can steal session cookies that store login credentials, allowing them to access accounts without needing usernames, passwords, or MFA codes.
These “remember me” cookies are created when users check options like “Remember this device” during login and, if intercepted, can be used to re-enter accounts without additional security checks.
Accounts Remain Vulnerable
The FBI notes that cookie theft affects all major email providers with web-based logins, including Gmail, Outlook, Yahoo, and AOL, and even extends to shopping and financial accounts.
Though some financial platforms have additional security, other accounts remain vulnerable to this tactic.
To combat this, tech companies like Google are developing ways to link cookies to specific devices and apps, making stolen cookies ineffective.
While these security upgrades are promising, the FBI emphasizes that cookie theft remains a serious threat.
To better protect yourself, the FBI recommends the following actions:
Regularly clear cookies from your browser.
Avoid clicking on “Remember me” on shared or public devices.
Be cautious with links, visiting only secure sites (HTTPS).
Frequently review your account’s login history for unfamiliar devices.
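The login-history review recommended above can also be automated on the service side. The following Python code is an added example, not taken from the FBI notice or from any provider; the event field names, device fingerprint strings and sample records are constructed assumptions. It flags a session cookie that is presented from a device that never completed MFA for that session, which is the pattern a replayed “remember me” cookie leaves behind.

```python
from collections import defaultdict

# Constructed sample events (not real log data). Field names are assumptions:
# "sid" is the session id carried by the cookie, "device" a client fingerprint,
# "mfa" is True on the request where the user completed MFA for that session.
EVENTS = [
    {"ts": "2024-11-01T09:00:00", "user": "alice", "sid": "s-101",
     "device": "win-chrome-A1", "mfa": True},
    {"ts": "2024-11-01T09:05:00", "user": "alice", "sid": "s-101",
     "device": "win-chrome-A1", "mfa": False},
    # Same cookie, different device, no MFA: consistent with a stolen cookie.
    {"ts": "2024-11-01T13:40:00", "user": "alice", "sid": "s-101",
     "device": "linux-firefox-Z9", "mfa": False},
    {"ts": "2024-11-01T10:00:00", "user": "bob", "sid": "s-202",
     "device": "mac-safari-B2", "mfa": True},
    # New device with its own session and its own MFA: a normal new login.
    {"ts": "2024-11-02T08:00:00", "user": "bob", "sid": "s-303",
     "device": "ios-safari-B3", "mfa": True},
]


def find_replayed_sessions(events):
    """Flag sessions presented from a device that never passed MFA for them."""
    trusted = defaultdict(set)  # sid -> devices that completed MFA for that sid
    seen = set()                # (sid, device) pairs already alerted on
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO 8601 sorts as text
        key = (ev["sid"], ev["device"])
        if ev["mfa"]:
            trusted[ev["sid"]].add(ev["device"])
        elif ev["device"] not in trusted[ev["sid"]] and key not in seen:
            seen.add(key)
            alerts.append({"ts": ev["ts"], "user": ev["user"], "sid": ev["sid"],
                           "device": ev["device"],
                           "known_devices": sorted(trusted[ev["sid"]])})
    return alerts


if __name__ == "__main__":
    for alert in find_replayed_sessions(EVENTS):
        print("possible stolen cookie:", alert)
```

A flagged session would typically be revoked so that the account has to sign in with MFA again.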
While MFA remains a crucial layer of protection, passkeys are gaining traction as a secure alternative. These digital keys tie login credentials to devices, often using biometrics for verification, and may become a key part of secure online access as cyber threats evolve.