by Sara Uzer

What is a drive-by download?

A drive-by download is the unintentional download of malicious code onto a device. Designed to trick users into visiting a compromised website, drive-by download attacks give hackers an opportunity to gain remote control of a system, steal credentials, and destroy important data. 

With the remote work landscape leaving organizations more vulnerable to cybersecurity risks, now is a critical time to stay alert to this common threat. Keep reading to learn how drive-by downloads work and some key strategies for reducing your chance of exposure.

What is a drive-by download? 

A drive-by download is any automatic installation of software that occurs without a user’s knowledge. While authorized downloads require some level of interaction such as pressing “download” or clicking a link, unauthorized types are launched solely from visiting an infected web page. This means that the download will occur immediately with no initial prompts or warnings. 

Cybercriminals can leverage drive-by downloads to upload a series of harmful applications to a device. This may include botnets that spread spam, ransomware with data-encryption capabilities, and keyloggers that enable access to passwords and other sources of private information. 

Where do drive-by downloads come from? 

Hackers often trick users into visiting a compromised web page by incorporating malicious links and attachments into seemingly legitimate sites. These links can also be hidden in authentic-looking emails, social media posts, and text messages. Once a link is clicked, the attack can occur straight from the website itself or indirectly through malvertising.

Additionally, drive-by downloads may arrive in the form of a deceitful computer program. In these cases, users can be misled into moving forward with an illegitimate virus scan or consenting to a system update. In reality, they are falling victim to a Trojan or other type of malware.

How to prevent an attack 

Most drive-by downloads are accomplished by taking advantage of security flaws such as out-of-date browsers, old operating systems, and unpatched plugins. Therefore, the best line of defense is making regular updates a top priority. Additional protective measures include: 

  • Eliminate any unnecessary apps, add-ons, and software from your computer. 
  • Avoid navigating unfamiliar and non-reputable websites including file-sharing pages and platforms that serve pirated content. 
  • Before agreeing to a security pop-up, keep an eye out for grainy images, spelling errors, and other suspicious indicators.
  • When in doubt, hover over URLs in emails to check for inconsistencies between the text and the link.
  • Install a firewall to actively monitor for potential threats. 
  • Use an ad-blocker to lower the risk of an advertising-based attack. 

Stay proactive with Paubox 

While browsers are continuing to implement new protections against drive-by downloads, cybercriminals are also steadily advancing their methods and finding different ways to outsmart systems. Mindful browsing is a smart first move to safeguard your information, but strong email security is a crucial next step. 

Built to send HIPAA-compliant email by default, Paubox Email Suite offers automatic email encryption to proactively defend your data from cyberattacks. With email serving as a common entry point to a drive-by download, our Plus and Premium plan levels also feature inbound email security tools that help stop threats at the source.

Our patent-pending feature Zero Trust Email leverages email AI to create a strict identity verification process to confirm the authenticity of a message, while our patented ExecProtect feature intercepts display name spoofing attempts before they even arrive in your inbox. 
