Drive-by Attacks are not just limited to websites, attackers can employ this type of attack via email, pop-ups and adverts, relying on the exploitation of unpatched security flaws present in applications, web browsers, browser extensions and operating systems.
A ‘drive-by-download’ attack is a malware delivery technique that is triggered simply because the user visited a website. Traditionally, malware was only ‘activated’ as a result of the user proactively opening an infected file (for example, opening an email attachment or double clicking on an executable that had been downloaded from the Internet).
Unfortunately, hackers have become much more sophisticated over recent years and this level of interaction is no longer required. Malware may be served as hidden codes within a website content, served content like banners, advertisements and used as a vehicle for hacking and other cyber-crime. The simple act of visiting a site is enough to get your computer infected or your personal details stolen.