Skip to main content

Cornell University

Stop Websites From Installing Software Without Approval (Drive-By Download)

Websites you visit can download and install software without your knowledge or approval. This is called a drive-by download. The objective is usually to install malware, which may:

  • Record what you type and what sites you visit.
  • Search your computer for stored passwords.
  • Open your computer to remote control. 

Drive-by downloads are difficult to guard against. Legitimate sites can even be hijacked into hosting drive-by downloads though third-party ads.

How Drive-by Downloads Happen

  1. Advertising popup or other active portion of a web page: clicking or even attempting to close them is interpreted as consent to download and malware is installed on your computer. The ads or popups often look like a legitimate warning from your operating system or antivirus software.
  2. Display of web page content: if page content includes elements that need to be downloaded to view correctly, your browser may offer to download, infecting your machine.

Defend Against Drive-By Downloads

Stop using the computer as an administrator for day-to-day work. Whenever you are on the Internet with an administrator account, software can install itself without your explicit permission. Keep two separate accounts on your computer, one for day-to-day work (including everything you usually do online) and one for ONLY WHEN YOU INSTALL SOFTWARE.

Using the web without administrative rights greatly reduces both the risk of a successful drive-by download and the potential damage should one succeed.

Look for https:// Any site asking you to transmit personal information, such as credit card numbers, should always have a URL starting with https:// (note the s), rather than http://. If it does not have the s, what you send over the network is NOT encrypted. Don’t do business there. Of course, just because a site uses encryption does not guarantee it is secure. It’s still possible that the entire site is a scam.

How Browsers Try to Prevent Drive-By Downloads

Modern browsers take several defensive steps against drive-by downloads. Most will prominently warn of executable programs and offer a safe course of action. Even with these aids, it’s important to be wary of any site offering to download or run something you haven’t consciously selected.

Some browsers will refuse to directly execute software received while browsing, instead forcing you to save it to your hard drive, to be examined by an antivirus program. When this is the case, if you attempt to run that program later, even after you’ve finished browsing, you may be prompted with stern warnings about untrustworthy content.

Comments?

To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.