Be careful where you surf

It may sound strange, but your computer can get infected with malware while you are innocently browsing the Web – you don’t even need to click on anything. The problem occurs if you accidentally visit a website that’s programmed to serve up malware if you access it with a vulnerable browser.

Hackers set up booby-trapped websites, or hijack sites operated by legitimate organizations (such as banking, news or even social networking sites like FaceBook) and fill them with exploit programs. If you just land on one of these compromised sites, those exploits will pounce and activate with no warning.

The hackers use a variety of ways to lure you to these sites, using social engineering tactics like phishing, address spoofing and other ploys to turn you into a victim. The real danger is the invisibility of the attack – you don’t need to do anything, the malware is downloaded silently onto your PC as you pass through the site – hence the alternate name for this technique – drive-by downloads.

So how can you protect yourself? The most important is to make sure your browser is fully patched against the latest vulnerabilities. Then, take care not to be fooled by phishing solicitations, try to stay away from websites you’re not familiar with, and install a program like LinkScanner or SecureBrowsing that will pre-analyze the site’s content for hidden dangers before allowing you there.