In the first article, we discussed some of the more insidious tools that cybercriminals use in order to wreak havoc amongst the populous. We explained what a Drive-by Download attack was and why it is so difficult to detect and prevent. In part two of this article, the Adaware Malware Labs Team will show you some of the tools you can use in order to steer clear of drive-by downloads.
How to protect yourself from a drive-by download attack
A cybercriminals goal is to steal from you – be it your personal data or even your system. So the better you can shelter your sensitive data and computer from the cybercriminals, the less vulnerable you will be.
Keep your systems OS updated
Whenever a new software release, patch or OS update is made available, make sure you have your system automatically install it right away. If you prefer to do it manually, make sure you do all of the manual updates prior to the next time you surf the web.
Whenever any new software releases are made available, cybercriminals will attempt to reverse engineer the solution in order to trap any user that lands inadvertently on a drive-by infected website. As we mentioned in part one, the malware is designed to look for software vulnerabilities that can be exploited, and an out of date OS is a definite security vulnerability.
Manage your applications
There is an adage when it comes to clothes if you have not worn it for a year it is just cluttering up cupboard space. The same holds true for your PC. Old out of date applications and OS are vulnerable and waiting to be exploited by drive-by download attacks. The following is a list of just a few of the many potential vulnerability points on your computer:
- Out of date Operating Systems (OS)
- Adobe Reader
- Old browser plug-ins
- Out of date web browsers like – Chrome, FireFox, Explorer
- Older version of Microsoft Office
As a best practice, we recommend that you perform a semi-annual review of all applications. If you no longer use it, then delete it. You will not only make it more difficult for drive-by attack malware to find vulnerabilities; you will also make your system perform faster and work more efficiently.
Make sure you have an updated antivirus solution installed
Ensuring you have the right antivirus solution for your needs is critically important. While it will not prevent you from inadvertently landing on a drive-by hijacked website, the right antivirus solution like Adaware will detect and destroy any malware that may infect your computer. Always make sure your antivirus software is up to date at all times.
Make it a best practice to run a complete scan of your computer at least once a week, more often if you browse the Internet frequently. A scan can be set up to run automatically at a time that is not obtrusive to you.
Install a good antimalware solution
While an antivirus solution is more of a reactive approach, an excellent antimalware solution is a proactive approach to prevent drive-by download attacks. An antimalware solution like Web Companion is designed to alert you before you land on the drive-by download hijacked website. If you are unable to land on a hijacked site, your system will not be able to become infected with malware.
Install an ad blocker
Drive-by download attacks will frequently use pop-up ads as a method to distribute malware to unsuspecting victims. By using an ad blocker that is part of an antimalware solution like Web Companion or on its own will help make your system safer, as well as helping to reduce your potential exposure to these types of attacks.
As cybercriminals become more sophisticated, it is up to each and every one of us to never take online security for granted. However, despite the inherent dangers posed by drive-by downloads, there are several relatively simple steps that you can take to protect yourself online.