According to Google statistics, 2,117 out of every million pages loaded in Chrome are infected by drive-by-download malware. The danger with drive-by-downloads comes from the fact that a user need not actually click on anything in order to precipitate a catastrophic chain of events.
Drive-by-downloads sneak past safeguards due to outdated or insecure operating systems, browsers, software, or apps.
Writes ZDNet, “Not all drive-by downloads are considered malicious, as some URLs are meant to trigger a file download when accessed. However, when a download is triggered on a web page from an iframe element hidden in its code, those types of downloads are almost always malicious in nature.”
Chrome, Firefox, and Internet Explorer are well on their way when it comes to adding sandboxing drive-by-download safeguards to their suite of security measures. Browsers like Opera, Vivaldi, Brave, and Microsoft Edge also anticipate modifying their security accordingly.
Protecting against DBDs is also of concern for most organizations. Security experts recommend using only popular browsing tools, patching (a self-explanatory solution) and sandboxing.
Inspecting incoming threats with secure sandboxing environments can reduce your risk of falling victim to insidious code. Get details on threat sandboxing here.