A drive-by download is the unintentional download of malicious code onto a device. Designed to trick users into visiting a compromised website, drive-by download attacks give hackers an opportunity to gain remote control of a system, steal credentials, and destroy important data.
With the remote work landscape leaving organizations more vulnerable to cybersecurity risks, now is a critical time to stay alert to this common threat. Keep reading to learn how drive-by downloads work and some key strategies for reducing your chance of exposure.
What is a drive-by download?
A drive-by download is any automatic installation of software that occurs without a user’s knowledge. While authorized downloads require some level of interaction such as pressing “download” or clicking a link, unauthorized types are launched solely from visiting an infected web page. This means that the download will occur immediately with no initial prompts or warnings.
Cybercriminals can leverage drive-by downloads to upload a series of harmful applications to a device. This may include botnets that spread spam, ransomware with data-encryption capabilities, and keyloggers that enable access to passwords and other sources of private information.
Where do drive-by downloads come from?
Hackers often trick users into visiting a compromised web page by incorporating malicious links and attachments into seemingly legitimate sites. These links can also be hidden in authentic-looking emails, social media posts, and text messages. Once a link is clicked, the attack can occur straight from the website itself or indirectly through malvertising.
Additionally, drive-by downloads may arrive in the form of a deceitful computer program. In these cases, users can be misled into moving forward with an illegitimate virus scan or consenting to a system update. In reality, they are falling victim to a Trojan or other type of malware.
How to prevent an attack
Most drive-by downloads are accomplished by taking advantage of security flaws such as out-of-date browsers, old operating systems, and unpatched plugins. Therefore, the best line of defense is making regular updates a top priority. Additional protective measures include:
- Eliminate any unnecessary apps, add-ons, and software from your computer.
- Avoid navigating to unfamiliar and non-reputable websites, including file-sharing pages and platforms that serve pirated content.
- Before agreeing to a security pop-up, keep an eye out for grainy images, spelling errors, and other suspicious indicators.
- When in doubt, hover over URLs in emails to check for inconsistencies between the text and the link.
- Install a firewall to actively monitor for potential threats.
- Use an ad-blocker to lower the risk of an advertising-based attack.
Stay proactive with Paubox
While browsers are continuing to implement new protections against drive-by downloads, cybercriminals are also steadily advancing their methods and finding different ways to outsmart systems. Mindful browsing is a smart first move to safeguard your information, but strong email security is a crucial next step.
Built to send HIPAA compliant email by default, Paubox Email Suite offers automatic email encryption to proactively defend your data from cyberattacks. With email serving as a common entry point to a drive-by download, our Plus and Premium plan levels also feature inbound email security tools that help stop threats at the source.
Our patent-pending feature Zero Trust Email leverages email AI to create a strict identity verification process to confirm the authenticity of a message, while our patented ExecProtect feature intercepts display name spoofing attempts before they even arrive in your inbox.