Malware

What are malicious websites?


Authored by a Symantec employee

 

Most people are unaware of the fact that you don’t have to intentionally download a malicious attachment in order to compromise your computer’s security. Malicious websites and drive-by downloads are just two ways that your security can become compromised by doing nothing more than visiting a website. Both underpin the necessity of protecting your computer with a strong Internet Security Program. And despite what you might have heard, Macs need them just as much as Windows machines.

What is a malicious website?

A malicious website is a site that attempts to install malware (a general term for anything that will disrupt computer operation, gather your personal information or, in a worst-case scenario, gain total access to your machine) onto your device. This usually requires some action on your part, however, in the case of a drive-by download, the website will attempt to install software on your computer without asking for permission first.

What’s more, malicious websites often look like legitimate websites. Sometimes they will ask you to install software that your computer appears to need. For example, a video website might ask you to install a codec, which is a small piece of information a video player needs to run on a website. You might be used to installing safe codecs, but it only takes one unsafe installation to compromise your machine, and your sensitive information along with it. Similarly, the website might ask for permission to install one program, but install a completely different one -- one that you definitely do not want on your computer.

 

Device security, Dark Web Monitoring powered by LifeLock and a VPN–up to 60% off*

NEW Norton 360 has multiple layers of protection including a VPN for online privacy.

 

What is a drive-by download?

Drive-by downloads are even scarier than a malicious website, though the two sometimes overlap. Drive-by downloads can be installed on your computer simply by looking at an email, browsing a website or clicking on a pop-up window with text designed to mislead you, such as a false error message. This type of malware is particularly frightening, because it’s basically impossible to know if you’ve done something to install the malware. What’s more, your anti-virus software might be incapable of detecting it, because hackers deliberately make it difficult for anti-virus software to detect.

 

Drive-by downloads often don’t require your consent, or tricking you into giving it. Sometimes the malicious code hides deep in the code of the website. Once the download is on there, it can be difficult or impossible to get off of your computer, tablet or mobile phone. You might even be visiting a website you’ve visited hundreds of time and trust, but somehow a drive-by download got in there.

 


How do I protect myself against malicious websites and drive-by downloads?

  • Internet security software can’t always detect bad software from malicious websites and drive-by downloads. It can, however, prevent you from getting them in the first place. Defensive software such as Norton Security will prevent known drive-by downloads and warn you when you try to visit a malicious website.
  • The best thing you can do to protect yourself is to keep your computer’s software up to date, most importantly your operating system. Often times, hackers utilize known security problems in software before manufacturers can patch the problem. Updating your software prevents you from being low-hanging fruit.
  • Don’t install codecs unless you’re absolutely positive that they’re safe.
  • Don’t open emails that seem suspicious or “spammy,” especially if they contain attachments or are from unknown senders.
  • If you get a link in an email, it doesn’t hurt to visit the main website by typing the address into your browser manually. When in doubt, call the person who sent you the email before clicking.
  • If you’re the least bit suspicious about a URL, use Norton Safe Web to check it out.
  • If a website seems off, looks like it’s installing something or is asking permission to install codecs, you’re better off closing the tab and looking for the content elsewhere.

 

There are a lot of dangers out there and malicious websites hosting drive-by downloads are some of the newest and scariest. But there are ways for you to protect yourself so that you can use the Internet without trouble. Do your due diligence and exercise reasonable caution and your web surfing should be smooth sailing.


Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2019 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.

No one can prevent all identity theft or cybercrime.  Not all products, services and features are available on all devices or operating systems. System requirement information on norton.com.

*Important Subscription, Pricing and Offer Details:

  • The price quoted today may include an introductory offer. After that, your membership will automatically renew and be billed at the applicable monthly or annual renewal price found here.
  • You can cancel your subscription at my.norton.com or by contacting Member Services & Support. For more details, please visit the Refund Policy.
  • Your subscription may include product, service and /or protection updates and features may be added, modified or removed subject to the acceptance of the Customer Agreement.

The number of supported devices allowed under your plan are primarily for personal or household use only. Not for commercial use. If you have issues adding a device, please contact Member Services & Support.

§ Dark Web Monitoring in Norton 360 plans defaults to monitor your email address only. Please login to the portal to review if you can add additional information for monitoring purposes.