This study investigates cookie vulnerabilities, focusing on awareness, privacy risks, and exploitation techniques. We used a mixed-method approach that combines insights from a survey study and a systematic mapping study of 27 papers from online databases to comprehensively address the research topic. The results show a moderate level of user awareness about cookie-related privacy risks, with significant concerns over user tracking and profiling, identified in 88% of the reviewed studies. Key risks include sensitive data exposure, privacy and consent issues, targeted advertising, ineffective mitigation measures, and cyberattacks. Tracking via cookies, and especially third-party cookies were found to pose the greatest risk to end-users. Their widespread use for cross-site tracking and extensive fingerprinting often occurred without users’ awareness or explicit consent. These insights suggest the need for stricter privacy laws, better practices on cookies, and improved user awareness to mitigate concerning risks.

Awareness; Cookies; Exploitation; Online tracking; Privacy risks