fortypoundhead.com

Drive-By Downloads

Posted On 2011-05-30 by FortyPoundHead
Tags: Security Networking Tip


You're surfing the Web, enjoying a quiet afternoon, when a window pops up on the screen. "New Windows Antivirus Update Available," it says. "Would you like to update your system?" You get "Yes" and "Cancel" buttons at the bottom. It looks like a real, honest-to-goodness Windows message, right down to the logo in the corner. Should you click Yes, or Cancel?

The correct answer is "Neither."

In programming terms, this is known as a drive-by download. A website you visited has this code set to run as soon as you visit. The pop-up is trying to install something on your computer, and if you click "Yes," you really have no idea what you're agreeing to. Your computer may now be set to make long distance phone calls, or assist in a Denial of Service attack, or just flash adult advertisements at you every thirty seconds.

Many malware programmers design their systems to look just like system messages and windows. Just because an email or a pop-up says it comes from Microsoft, or your bank, for that matter, doesn't make it true.

We don't want any of that, so we should hit "Cancel," right?

Nope.

It may look like a standard Windows message, but it's really not. It's just an image of those buttons. Clicking either button (in fact, clicking anywhere in the image) is the same as clicking "Yes" and giving the mystery program blanket permission to do whatever it's going to do.

The correct answer is to click on the little "X" at the top right of the window, closing it without clicking on anything inside it. This is one of the best ways of keeping malware off of your system.

When in doubt, don't click. This advice works for ads, email attachments, and mystery files, and is a really good habit to get into.
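To make the "it's just an image of those buttons" point concrete, here is an added Python sketch (not code from the original post) that scans a page's HTML for an image that is one big download link, or an image map whose "Yes" and "Cancel" areas all lead to the same file. The extension list, the finding labels and the sample page are assumptions constructed for this example.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: file types treated as "installs something" in this sketch.
RISKY_EXT = (".exe", ".msi", ".scr", ".bat", ".cab")

def risky(href):
    return urlparse(href).path.lower().endswith(RISKY_EXT)

class FakeDialogFinder(HTMLParser):
    """Flags images that behave as one big download link."""
    def __init__(self):
        super().__init__()
        self.link = None       # href of the <a> currently open
        self.cur_map = None    # name of the <map> currently open
        self.hrefs = set()     # distinct <area> targets in that map
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            self.link = a.get("href")
        elif tag == "img" and self.link and risky(self.link):
            self.findings.append(("image-is-download-link", self.link))
        elif tag == "map":
            self.cur_map, self.hrefs = a.get("name") or "", set()
        elif tag == "area" and self.cur_map is not None and a.get("href"):
            self.hrefs.add(a["href"])

    def handle_endtag(self, tag):
        if tag == "a":
            self.link = None
        elif tag == "map" and self.cur_map is not None:
            # "Yes" and "Cancel" hot-spots sharing one target offer no real choice.
            if len(self.hrefs) == 1 and risky(min(self.hrefs)):
                self.findings.append(("all-buttons-same-target", min(self.hrefs)))
            self.cur_map = None

def scan(html):
    finder = FakeDialogFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page; example.test is a placeholder host.
SAMPLE = (
    '<a href="http://example.test/update.exe"><img src="dialog.png"></a>'
    '<map name="b"><area href="/get/setup.msi" alt="Yes">'
    '<area href="/get/setup.msi" alt="Cancel"></map>'
)
print(scan(SAMPLE))
```

A hit from either rule is a heuristic signal for review, not proof of malice: legitimate download pages also wrap images in links to installers.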

