2 min read

What are drive-by download attacks and how do you prevent them?

Alina BÎZGĂ

October 25, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
What are drive-by download attacks and how do you prevent them?

A drive-by download attack involves the involuntary download of malicious code, file or software onto a computer or mobile device. Cybercriminals may use drive-by downloads to harvest your personal information, spy on you, inject banking Trojans, or infect your entire network with malware.

Drive-by download attacks can happen in many ways. Simply visiting a compromised website can be enough. The user often doesn’t have to take any direct action to prompt the download of malicious code on his device. This can take place when you visit a compromised website. Cybercriminals exploit security flaws on online platforms to inject malicious code. When you visit a compromised website, the code sniffs vulnerabilities in your browser or device and triggers the download of malicious software onto your device.

In other scenarios, drive-by downloads can be triggered by seemingly unobtrusive interactions with a pop-up ad or by clicking on a link received on social media or email. The close button for a pop up ad can act as the spark plug for these attacks. When an unsuspecting user clicks the “X” button to close the ad, he starts a malicious download on his device. The same goes for email attachments or links that may seem safe to access at first. A simple click will launch the download on your device.

Drive-by download attacks exploit vulnerabilities in your outdated apps, browsers or operating systems to eavesdrop on user communications, steal session credentials, install keyloggers and botnet toolkits, and even deploy ransomware.

Malicious drive-by downloads are often hosted on websites that provide mature content and on file-sharing platforms. Still, reputable websites can be compromised to serve hidden malicious code to visitors.

How to protect your device and data from malicious drive-by downloads

To protect against drive-by downloads, users should avoid accessing suspicious websites and be mindful of security notifications that warn about expired website certificates.

Be particularly wary of online ads that promise you gifts or rewards, and install a trusty ad-blocker. When downloading software onto your device, stick to official, reputable sources. Delete unnecessary apps and programs, especially if they no longer receive security updates from the vendor.

Remember to always keep your operating system, browser and applications up to date with the latest patches. Be mindful of social engineering attacks such as phishing and install a security solution on your devices.

Build up your digital security and keep your devices malware-free with our 90-day free Bitdefender Total Security trial. With the vulnerability assessment feature, you can scan for vulnerabilities and get advice on patching any security holes. At the same time, the multi-layered and innovative technologies keep you safe from all kinds of malicious attacks, phishing or fraudulent websites and links, no matter your favorite online activity.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Years after claiming DogWalk wasn't a vulnerability, Microsoft confirms flaw is being exploited and issues patch Years after claiming DogWalk wasn't a vulnerability, Microsoft confirms flaw is being exploited and issues patch
Graham CLULEY

August 11, 2022

1 min read
Creative scammers send their senior victim an Uber to take her to the bank Creative scammers send their senior victim an Uber to take her to the bank
Alina BÎZGĂ

August 11, 2022

2 min read
Cyberattack Disrupts 7-Eleven Stores in Denmark Cyberattack Disrupts 7-Eleven Stores in Denmark
Alina BÎZGĂ

August 10, 2022

1 min read