What is cookie theft?
Cookie theft occurs when a third party copies unencrypted session data and uses it to impersonate the real user. Cookie theft most commonly occurs when a user accesses trusted sites over an unprotected or public Wi-Fi network. Although the username and password for a particular site are encrypted, it is the session data that moves back and forth (the cookie) not.
By mimicking someone's cookie over the same network, a hacker can access websites and take malicious actions. Depending on the sites being accessed while the hacker is monitoring the network, this could range from creating false posts on that person's name to transferring money from a bank account. Hacking software has made it easier for hackers to carry out these attacks by monitoring the packets back and forth. Cookie theft can be avoided by logging in only over SSL connections or by using the HTTPS protocol to encrypt the connection. Otherwise, it is best not to access websites through unsecured networks.