Even tech-savvy people can get their sessions hijacked. Clicking a link that looks safe, accepting a website prompt, installing what appears to be trustworthy software, or trusting a site that seems legit can be enough for an attacker to take control of your account, even if only temporarily. Strong passwords and 2FA help in general, but they don't stop this kind of attack: the session cookie is handed out after you have already passed both checks, so whoever holds it is you as far as the site is concerned. Getting caught doesn't necessarily mean you messed up - it just happens.
Why It Happens
Most scams target normal behavioral patterns, not ignorance. They work because they abuse your trust and the context you're in.
- A browser prompt asking to "allow notifications" or some other permission looks completely normal. We are used to clicking through cookie consents and allow/deny notification prompts on nearly every website these days, so one more click barely registers.
- Links that seem fine can lead to pages that run scripts to steal cookies or sessions, or simply phish you on a convincing copy of the real login page.
- Always hover over a link or button to check the target URL, shown in the browser's status bar at the bottom left or right - like shown below. It is not a guarantee (a page can swap the destination after you click, and a look-alike domain is easy to miss), but it catches the lazy ones.
- Attackers manipulate the situation, not your knowledge.
Why This Doesn't Mean You're Dumb
Being careful or smart doesn't make you immune. These attacks are designed to catch people who act like any normal user would.
- They exploit predictable human behavior, not mistakes.
- Anyone can fall for it if the interface or context looks safe, or is simply habitual (like the cookie consent or the notification prompt).
- Falling for one doesn't mean you're bad at security, stupid or otherwise - it probably just means the attacker was clever.
So...
- Scams succeed by exploiting normal user actions, not just ignorance.
- Awareness and vigilance are your best defenses.
- Limit exposure: watch browser permissions, don't blindly trust links, and check your active sessions, especially if you venture too far off the usual sites you know and consider safe.
- So again, intelligence doesn't equal immunity - prevention and recovery are key.
If s*** Hit The Fan For You
- Log out of all sessions immediately. (Most, if not all, services have a "Sign out of all devices" option.)
- Revoke any active tokens/sessions or connected apps that might have been compromised.
- Change your password. Clearing your own cookies does nothing to the copy the attacker already has; changing the password does, because many services invalidate every existing session when you do, and where yours doesn't, the sign-out-everywhere option covers it.
- Check which devices are still logged in and kick anything suspicious.
- Learn from what happened - understanding the exploit is better than blaming yourself.
Now, to elaborate a bit on this. If someone managed to hijack your session, i.e. steal your cookies, it doesn't necessarily mean they have your password or 2FA.
They just have a temporary access token that lets them use your account until it expires, you log out of that session, or the service revokes it. This is why it's crucial to act fast and log out of all sessions, revoke tokens, and change passwords if necessary (which I would always advise you to do).
The attacker might not have long-term access, but they can still cause damage, read sensitive information, or set up something more permanent (a new recovery email, a connected app) during that window. So the quicker you respond, the better you can minimize the impact.
I do mention that you may see suspicious activity, but honestly, don't count on it looking obviously wrong. The sessions page shows whatever the last request with that cookie carried, so a replay from the attacker's own machine will usually show up as an unfamiliar location or browser, but if the attacker routes through your device (malware on your PC, for example) it will simply show as your location and device - it is your cookie information after all.
It is therefore important to check your active sessions and devices regularly, especially if you notice anything unusual or have been on less familiar websites. Kick every session you don't recognise, and if in doubt, kick them all - the only cost is logging in again. This way, you can catch unauthorized access early and take action before it causes significant harm.
Even better, when you do venture off to less familiar sites, use incognito/private mode. It uses a separate cookie jar that is thrown away when you close the window, so pages you open there don't carry your main account's sessions and can't leak them. It is not a 100% guarantee (it won't help if you log into your main account inside that window, and it does nothing against malware already on your machine), but it adds an extra layer of protection when browsing potentially risky sites.