A drive-by download can happen when someone visits a website that contains malicious code.
When visiting the site, the code detects security weaknesses in the operating system, web browser, plug-ins and other software and uses those vulnerabilities to install malware.
Once the system is infected the hacker can gain access which allows them to carry out criminal activities, all without the person’s knowledge.
Cybercriminals can steal data and use it for identity, personal and financial theft. The hacker can sell the stolen information on the dark web, use it to take over the device so it can be used as part of a botnet, or hold the device hostage and demand a ransomware payment.
What can you do to prevent an attack?
Keep your operating system, browser, plug-ins, apps and software updated.
Be careful about the websites you visit. A secure sites web address should begin with “https”
Don’t click on links in email messages, text messages or on websites that you are not certain of. Think before you click.
When downloading software be sure you are getting it from a reputable source, preferably directly from the vendor. Get any mobile apps from the Google Play or Apple Store. When installing the software read each screen carefully. Many programs try to “bundle” additional software that is not safe.
Occasionally look through the list of apps and programs you have installed on your devices. Uninstall anything you no longer need or use. Unpatched and outdated apps and software leave you vulnerable to malware attacks.
Install antivirus software and keep it up to date.
Beware of phishing, scammers use many different types of phishing techniques to trick users into opening links that direct them to dangerous websites.
The Tech Minimalist 