INSIGHT: Top 4 ways to combat drive-by downloads
- 12 October, 2015 03:30
Drive-by downloads, where users unintentionally download viruses or malware, are becoming hackers’ preferred way of accessing personal data.
These attacks involve email spam with web links that take the recipient to malicious websites. People need to be aware of how these attacks occur and take adequate cyber security measures to protect themselves.
“People are now more cautious of downloading attachments from emails,” says Jonathan Banks, Account director A/NZ, F-Secure.
“Online crooks have adapted and found a way to avoid user precautions and install their malware for you. People need to stay ahead of the hackers’ game and implement security technologies to keep them safe online.”
Banks outlines four things to remember when it comes to drive-by downloads:
1. It’s time people understand the risks
Simply clicking on an email, a website, or a pop-up window can install rogue software on a device. These attacks work by fooling people into thinking the links are legitimate.
“Even though these attacks have been around for years, people still don’t understand what drive-by downloads are and the risks involved,” Banks adds.
“If you hear a major site was serving up malware through bad ads, chances are a drive-by download was involved.”
2. It takes a village (or at least an infrastructure) to make it work
Banks believes the threat is an ecosystem with many players.
For example, the hackers can buy a list of email addresses and hire spammers to send the spam.
The spam links to the hired exploit kit vendor who drops a trojan-downloader (which was bought from some other vendor), and then the trojan-downloader downloads and installs the hackers’ trojan (which is also likely based on a kit, such as ZeuS).
“People must realise that this is a thriving industry working to gain access to private data,” he adds. “This is driving attacks to become more sophisticated.”
3. The threat is multi-layered
The threat is engineered to get around security software, so keeping all software updated all the time is a necessary precaution.
But these attacks tend to involve exploit kits that could target any and all vulnerabilities.
“Make sure your security software uses multiple methods to protect against both known and unknown threats,” Banks adds.
“For example, the malware might be smart enough to circumvent antivirus software, but another layer of protection will detect and block the threat.”
4. The threat is personalised
Hackers are increasingly using social engineering techniques to manipulate people into ignoring normal security precautions.
By increasing the relevance of the link to the individual user, they increase the chances of the person clicking through and giving hackers access to their data.
“Hackers often play on users’ trust by using a friend’s email address or an apparently legitimate party, like a bank or big-name company, to execute drive-by download attacks,” Banks adds.
“People should delete any emails requesting sensitive data, be sure to research the facts when contacted by companies or friends, and be suspicious of any unsolicited contact.”