Tag Archives: drive-by

I’m a Pop-up Download and I Gotcha!

Being unaware can cause havoc on your computer.

image Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense, they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently. The latest twist on this is the so called “pop-up download”.

If you’re unfamiliar with the term, “drive-by download”, they are essentially programs that are automatically downloaded and installed on your computer without your knowledge. This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on the newest threat, a deceptive popup window – the so called “pop-up download”.

For example, when visiting a site, a user might receive a pop-up box that appears as an offer to download an application. The user is then asked to accept the download despite the fact no application name is offered.

Unfortunately, a typical computer user is generally undereducated in the Internet safety issues that apply in this type of scenario. Clicking “yes”, will lead to the automatic installation of an application – in many cases, an unknown application.

Popups 2

Often, more than one program is downloaded. For example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval.

Apparently, there are now some legitimate application developers who are using this “pop-up download” method to distribute, or advertise their product. Just last night, I had an advertising popup appear on my screen from PC Tools ThreatFire, something that has not happened in the 2 years I have been using this application. Needless to say I was shocked, offended and extremely annoyed.

For more information on how to prevent popups from occurring at the Browser level, checkout “How to block ads (updated), ” at Tech – for Everyone.

Additional steps you can take to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions (familiar to regular readers of this site), that you can take to protect your computer system:

  • When surfing the web – Stop. Think. Click
  • Don’t open unknown email attachments
  • Don’t run programs of unknown origin
  • Disable hidden filename extensions
  • Keep all applications (including your operating system) patched
  • Turn off your computer or disconnect from the network when not in use
  • Disable Java, JavaScript, and ActiveX if possible
  • Disable scripting features in email programs
  • Make regular backups of critical data
  • Make a boot disk in case your computer is damaged or compromised
  • Turn off file and printer sharing on your computer.
  • Install a personal firewall on your computer.
  • Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
  • Ensure the anti-virus software scans all email attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

I recommend that you ensure that the current anti- malware applications, which you depend on to protect your system, are up to the task by reading “The 35 Best Free Applications” on this site.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!”, you can read it on this site.

2 Comments

Filed under Adware, Don't Get Hacked, Freeware, Interconnectivity, Internet Safety, Malware Advisories, System Security, Windows Tips and Tools

Pop-up Downloads – They Get You Coming and Going

Being unaware can cause havoc on your computer.

dumb5 Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense, they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently. The latest twist on this is the so called “pop-up download”.

If you’re unfamiliar with the term, “drive-by download”, they are essentially programs that are automatically downloaded and installed on your computer without your knowledge. This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on the newest threat, a deceptive popup window – the so called “pop-up download”.

For example, when visiting a site, a user might receive a pop-up box that appears as an offer to download an application. The user is then asked to accept the download despite the fact no application name is offered.

Unfortunately, a typical computer user is generally undereducated in the Internet safety issues that apply in this type of scenario. Clicking “yes”, will lead to the automatic installation of an application – an unknown application.

Popups 2

Often, more than one program is downloaded. For example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval. Apparently, there are some legitimate application developers who are using this “pop-up download” method to distribute their product.

I find it galling that more so called Internet security analysts have not taken a harder line on this deceptive marketing technique. Is it any wonder the economy is in the tank, when for 20+ years the economy has been based on fraud, and deceptive and illegal practices? When are we going to learn to speak out against this type of nonsense?

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions (familiar to regular readers of this site), that you can take to protect your computer system:

  • When surfing the web – Stop. Think. Click
  • Don’t open unknown email attachments
  • Don’t run programs of unknown origin
  • Disable hidden filename extensions
  • Keep all applications (including your operating system) patched
  • Turn off your computer or disconnect from the network when not in use
  • Disable Java, JavaScript, and ActiveX if possible
  • Disable scripting features in email programs
  • Make regular backups of critical data
  • Make a boot disk in case your computer is damaged or compromised
  • Turn off file and printer sharing on your computer.
  • Install a personal firewall on your computer.
  • Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
  • Ensure the anti-virus software scans all email attachments

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

I recommend that you ensure that the current anti- malware applications, which you depend on to protect your system, are up to the task by reading “The 35 Best Free Applications” on this site.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!”, you can read it on this site.

4 Comments

Filed under Adware, Don't Get Hacked, Interconnectivity, Internet Safety, internet scams, Malware Advisories, Online Safety, Rogue Software, Spyware - Adware Protection, System Security, Windows Tips and Tools

Drive-by Downloads – Update Your Browser Right Now!

Your Firewall and Security Applications along with your Browser security add-ons provide the ultimate in protection while you’re surfing the web, right? Well in a sense they do.

Paradoxically, it’s because current anti-malware solutions are marginally more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently.

More than three million unique URLs on over 180,000 websites are automatically installing malware via drive-by downloads, according to recent statements by the Google Anti-Malware Team.

Google has not been alone in noticing this trend by cyber-criminals using these techniques. According to IBM cyber-criminals are directly attacking web browsers in order to steal identities, gain access to online accounts and conduct other criminal activities.

If you’re unfamiliar with the term, drive-by download, they are essentially programs that automatically download and installed on your computer without your knowledge. This action can occur while visiting an infected web site, opening an infected HTML email, or by clicking on a deceptive popup window.

Drive-by downloads work by targeting Internet browser vulnerabilities to download and run malware automatically when a user visits the site. Don’t think that by staying away from dangerous website such as adult sites that you’re any safer. The fact is these infected websites are all over the Internet.

Often more than one program is downloaded, for example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval.

Recent statistics seem to indicate that 40% of frequent Internet users continue to use an outdated version of their current Internet browser. Statistics generated from my own Blog stats put this figure at 31%. These users’ are essentially already victims just waiting to be victimized again.

Do you want to ensure you are protected, or to reduce the chances you will become a victim? Then there is a really easy way to do that – update your browser to the latest version now. Right now!

While all Internet browsers can be subject to vulnerabilities, the free FireFox browser from Mozilla is the browser of choice for most security conscious users, and is preferred by those who tend to think “Geeky”, due to the amazing number of add-ons that increase safety and functionality.

Download FireFox here.

You need to be proactive when it comes to your computer’s security by making sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!” you can read it here.

For a different take on Google’s new browser checkout TechPaul’s “A Real Life Review of Google’s New Browser”.

3 Comments

Filed under Application Vulnerabilities, Browsers, Firefox, Freeware, Interconnectivity, Internet Safety, Malware Advisories, Online Safety, Safe Surfing, System Security, Windows Tips and Tools

Drive-by Downloads – The Paradox Created by Firewalls/Security Applications

Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently.

More than three million unique URLs on over 180,000 websites are automatically installing malware via drive-by downloads, according to recent statements by the Google Anti-Malware Team. Google has not been alone in noticing this trend by criminal hackers using these techniques. IBM noted recently, that criminals are directly attacking web browsers in order to steal identities, gain access to online accounts and conduct other illicit activities.

If you’re unfamiliar with the term, drive-by download, they are essentially programs that automatically download and installed on your computer without your knowledge. This action can occur while visiting an infected web site, as previously noted, opening an infected HTML email, or by clicking on a deceptive popup window. Often more than one program is downloaded, for example, file sharing with tracking spyware is very common. Again, it’s important to remember that this can take place without warning, or your approval.

What can you do to ensure you are protected, or to reduce the chances you will become a victim?

The following are actions you can take to protect your computer system:

  • When surfing the web: Stop. Think. Click
  • Don’t open unknown email attachments
  • Don’t run programs of unknown origin
  • Disable hidden filename extensions
  • Keep all applications (including your operating system) patched
  • Turn off your computer or disconnect from the network when not in use
  • Disable Java, JavaScript, and ActiveX if possible
  • Disable scripting features in email programs
  • Make regular backups of critical data
  • Make a boot disk in case your computer is damaged or compromised
  • Turn off file and printer sharing on the computer.
  • Install a personal firewall on the computer.
  • Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
  • Ensure the anti-virus software scans all e-mail attachments
  • Install McAfee Site Advisor, WOT, or a similar browser add-on

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

If you missed “Rogue Security Software on the Rise – What You Need to Know Now!” you can read it here.

4 Comments

Filed under Browsers, Email, Interconnectivity, Internet Safety, internet scams, Malware Advisories, Online Safety, Rogue Software, rootkits, Safe Surfing, Spyware - Adware Protection, Windows Tips and Tools