DATA DOCTORS

Preventing malicious drive-by downloading

Apr 3, 2021, 5:00 AM

Q: What exactly is a drive-by download?

A: The Internet has become the malware delivery system of choice for those with malicious intent because it’s a direct connection to billions of users.

Typically, some form of user interaction is required for malware to gain access to your computer, such as downloading an email attachment or installing a rogue program posing as a legitimate piece of software.

Convincing users to engage in risky behavior has been getting more difficult, as even those who aren’t tech-savvy have learned about these tactics.

Drive-by downloads

As a normal course of using the Internet, every time you visit a website, you are downloading files from that website to your computer in order to render the page.

A more efficient way to find victims is through the use of websites that are rigged with malware agents. This reduces what the potential victim has to do to become compromised.

The malware agents hiding within the site immediately go to work searching your computer for known vulnerabilities that haven’t been patched. If they find any holes, they can leverage the vulnerability to silently sneak malicious code onto your computer as the page is loading.

In many cases, the goal is to find vulnerabilities that will allow the hacker to remotely access the computer, providing them with endless opportunities to exploit the victim.

The only action the victim needs to take in the “drive-by download” scenario is to simply visit one of these booby-trapped websites.

Malicious links leading to these sites can be sent via email or text messages, or placed in social media posts, in forums, in the comments section of a website or anywhere an active web link can be used.

Hacking legitimate websites

Another tactic for getting malicious links in front of victims is by compromising legitimate websites and embedding the links within the site. This is why it’s so important for anyone with a website to keep up with security updates or risk becoming an unwitting accomplice to this malicious activity.

Hackers have also been known to sneak malicious ads onto websites – also known as “malvertising” – aware that most users don’t suspect that an ad can lead to malware.

Preventative measures

The initial item exposed to these malicious websites is your browser, so keeping it updated is your first line of defense.

If you aren’t sure how to check for updates for your browser, do a Google search for “updating xxxx browser” where xxxx is the name of your browser.

Google Chrome also has a safety check feature that will review updates and check for potentially harmful or vulnerable extensions. To open it, type this into the address bar: chrome://settings/safetyCheck

Your operating system is another critical item that needs to be kept updated. Windows 10 users are generally force-fed updates, but macOS users have a little more control over updates.

We typically see a much larger percentage of Apple computers that haven’t been updated, so if you’re a Mac user, don’t fall into a false sense of security when it comes to keeping your computer updated.

Ad blockers

A great way to avoid “malvertising” is by using an ad blocker, which gives you total control over what gets downloaded to your computer while surfing.
