Drive-by Downloads – The Paradox Created by Firewalls/Security Applications

Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently.

More than three million unique URLs on over 180,000 websites are automatically installing malware via drive-by downloads, according to recent statements by the Google Anti-Malware Team. Google has not been alone in noticing this trend by criminal hackers using these techniques. IBM noted recently, that criminals are directly attacking web browsers in order to steal identities, gain access to online accounts and conduct other illicit activities.

If you’re unfamiliar with the term, drive-by download, they are essentially programs that automatically download and installed on your computer without your knowledge. This action can occur while visiting an infected web site, as previously noted, opening an infected HTML email, or by clicking on a deceptive popup window. Often more than one program is downloaded, for example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval.

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions you can take to protect your computer system:

  • When surfing the web: Stop. Think. Click
  • Don’t open unknown email attachments
  • Don’t run programs of unknown origin
  • Disable hidden filename extensions
  • Keep all applications (including your operating system) patched
  • Turn off your computer or disconnect from the network when not in use
  • Disable Java, JavaScript, and ActiveX if possible
  • Disable scripting features in email programs
  • Make regular backups of critical data
  • Make a boot disk in case your computer is damaged or compromised
  • Turn off file and printer sharing on the computer.
  • Install a personal firewall on the computer.
  • Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
  • Ensure the anti-virus software scans all e-mail attachments
  • Install McAfee Site Advisor, WOT, or a similar browser add-on

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!” you can read it here.


Filed under Browsers, Email, Interconnectivity, Internet Safety, internet scams, Malware Advisories, Online Safety, Rogue Software, rootkits, Safe Surfing, Spyware - Adware Protection, Windows Tips and Tools

4 responses to “Drive-by Downloads – The Paradox Created by Firewalls/Security Applications

  1. Pingback: » Drive-by Downloads - The Paradox Created by Firewalls/Security Applications

  2. Pingback: Drive-by Downloads - The Paradox Created by Firewalls/Security Applications

  3. Pingback: Recomendaciones para proteger tu PC « Prisma Digital

  4. I always preach to people to run as a limited user, although there are elevation of privileges exploits, they are harder to craft and more often used to attack servers.(not that’s particularly comforting!) Running as a limited user can be a real pain, especially in XP but it definitely lowers your vulnerability to this.
    And congratulations you scooped Steve Gibson! Yes, Security Now the excellent podcast with Steve Gibson and Leo Laporte covered the Secunia Software Inspector 5 days after you. Great job!
    Hope you had a great weekend.