Phising, posting on an exploitable forum site with an specially crafted img, sure, extensions, maybe badly coded extensionsAnd how would you get somebody';s cookies? If it is as simple as running a script or a chrome extention, sure that might be a problem. But it isn't a prblem when you have to be on the network or have to know the email. It's kinda a non-problem at that point.